我的web.xml配置是
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
这里是我的安全配置
<intercept-url pattern="/*" access="ROLE_USER" />
<intercept-url pattern="/*.ico" filters="none" />
</http>
<beans:bean id="customAuthenticationProvider" class="net.spring3.provider.MyAuthProvider" />
<authentication-manager>
<authentication-provider ref="customAuthenticationProvider" />
</authentication-manager>
这是我的customAuthProvider类
public class MyAuthProvider implements AuthenticationProvider {
@Override
public boolean supports(Class<? extends Object> arg0) {
// TODO Auto-generated method stub
return false;
}
@SuppressWarnings("serial")
private static Map<String,String> SIMPLE_USERS = new HashMap<String,String>(2) {{
put("joe","joe");
put("bob","bob");
}};
@SuppressWarnings("serial" )
private static List<GrantedAuthority> AUTHORITIES = new ArrayList<GrantedAuthority>(1) {{
add(new GrantedAuthorityImpl("ROLE_USER"));
}};
@Override
public Authentication authenticate(Authentication auth) throws AuthenticationException
{
// All your user authentication needs
System.out.println("==Authenticate Me==");
if (SIMPLE_USERS.containsKey(auth.getPrincipal())
&& SIMPLE_USERS.get(auth.getPrincipal()).equals(auth.getCredentials()))
{
return new UsernamePasswordAuthenticationToken(auth.getName(),auth.getCredentials(),AUTHORITIES);
}
throw new BadCredentialsException("Username/Password does not match for " + auth.getPrincipal());
}
}
该页面显示登录表单,当我输入bob和bob作为登录时,会引发以下错误.
Your login attempt was not successful,try again. Reason: No AuthenticationProvider found for org.springframework.security.authentication.UsernamePasswordAuthenticationToken
我在调试级别ALL检查日志,这里是我得到的.
FINE: Request is to process authentication Nov 17,2011 5:37:36 AM org.springframework.context.support.AbstractApplicationContext publishEvent FINEST: Publishing event in Root WebApplicationContext: org.springframework.security.authentication.event.AuthenticationFailureProviderNotFoundEvent[source=org.springframework.security.authentication.UsernamePasswordAuthenticationToken@ffff8dfd: Principal: sd; Credentials: [PROTECTED]; Authenticated: false; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffe3f86: RemoteIpAddress: 127.0.0.1; SessionId: x4lg4vtktpw9; Not granted any authorities] Nov 17,2011 5:37:36 AM org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter unsuccessfulAuthentication FINE: Authentication request Failed: org.springframework.security.authentication.ProviderNotFoundException: No AuthenticationProvider found for org.springframework.security.authentication.UsernamePasswordAuthenticationToken
对我有什么帮助吗?
解决方法
正如您在注释中已经写过的那样,问题是您始终在自动提供程序的supports()方法中返回false.但是,不要一直返回true,您应该检查您所得到的身份验证:
public class MyAuthenticationProvider implements AuthenticationProvider,Serializable {
@Override
public boolean supports(Class<? extends Object> authentication) {
return (UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication));
}
// ...
}
