Java (自定义)RestAuthenticationProcessingFilter 排序的异常
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/21983048/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Exception with (Custom) RestAuthenticationProcessingFilter Ordering
提问by Jonathan Lebrun
I try to add Rest authentication by token to my app. I created a simple filter doing nothing else print a message :
我尝试通过令牌向我的应用程序添加 Rest 身份验证。我创建了一个简单的过滤器,什么都不做就打印一条消息:
public class RestAuthenticationProcessingFilter extends GenericFilterBean {
@Override
public void doFilter(ServletRequest arg0, ServletResponse arg1, FilterChain arg2) throws IOException, ServletException {
System.out.println(arg0);
// EDIT 25/02/2014
arg2.doFilter(arg0,arg1);
}
}
I'm using Spring 4.0 and Spring Security 3.2 with JavaConfig.
我在 JavaConfig 中使用 Spring 4.0 和 Spring Security 3.2。
I added this in my adapter :
我在我的适配器中添加了这个:
@Override
protected void configure(HttpSecurity http) throws Exception {
/*
* @RemarqueDev Différence entre permitAll et anonymous : permitAll
* contient anonymous. Anonymous uniquement pour non connecté
*/
http.addFilter(new RestAuthenticationProcessingFilter());
http.csrf().disable().headers().disable();
http.exceptionHandling().authenticationEntryPoint(new RestAuthenticationEntryPoint());
}
When I run jetty server, I receive this message:
当我运行码头服务器时,我收到此消息:
Nested in org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'springSecurityFilterChain' defined in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration: Instantiation of bean failed; nested exception is org.springframework.beans.factory.BeanDefinitionStoreException: Factory method [public javax.servlet.Filter org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration.springSecurityFilterChain() throws java.lang.Exception] threw exception; nested exception is java.lang.IllegalArgumentException: The Filter class my.package.config.RestAuthenticationProcessingFilter does not have a registered order and cannot be added without a specified order. Consider using addFilterBefore or addFilterAfter instead.:
java.lang.IllegalArgumentException: The Filter class com.jle.athleges.config.RestAuthenticationProcessingFilter does not have a registered order and cannot be added without a specified order. Consider using addFilterBefore or addFilterAfter instead.
at org.springframework.security.config.annotation.web.builders.HttpSecurity.addFilter(HttpSecurity.java:1122)
Why?
为什么?
采纳答案by Peter Bartels
addFilter:
addFilter:
Adds a Filter that must be an instance of or extend one of the Filters provided within the Security framework. The method ensures that the ordering of the Filters is automatically taken care of. The ordering of the Filters is:...
添加一个过滤器,该过滤器必须是安全框架中提供的过滤器之一的实例或扩展其中的一个过滤器。该方法确保自动处理过滤器的排序。过滤器的顺序是:...
Your filter is not an instance or extend of the Filter within the Security framework.
您的过滤器不是安全框架内过滤器的实例或扩展。
What you can do however is use addFilterBeforeor addFilterAfter.
但是,您可以做的是使用addFilterBefore或addFilterAfter。
For example:
例如:
addFilterBefore(new RestAuthenticationProcessingFilter(), BasicAuthenticationFilter.class)
You can find the order of the security filter chain in the docs.
您可以在文档中找到安全过滤器链的顺序。
