51,410
社区成员
发帖
与我相关
我的任务
分享SpringSecurity实现token自动登录不能生成token,没有进入方法
先看代码
WebSecurityConfigurerAdapter:
```
@Configuration
public class SpringSecurity extends WebSecurityConfigurerAdapter {
@Autowired
MyUserDetailsService myUserDetailsService;
@Autowired
private ISysConfigService configService;
@Override
protected AuthenticationManager authenticationManager() throws Exception {
return super.authenticationManager();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/js/**","/style/**", "/index.html","/*/verify.htm","/test/**").permitAll()
.anyRequest()
.authenticated()// 其他 url 需要身份认证
.and()
.formLogin() //开启登录
.loginPage("/login")// 指定登录请求的 url
// .successHandler(loginSuccessHandler())
.defaultSuccessUrl("/manage") // 登录成功后的 url
.permitAll()
.and()
.logout() //开启注销
.logoutUrl("/logout") //指定注销请求的 url (default is "/logout").
.logoutSuccessUrl("/view/admin/login") // 注销成功后的 url
.permitAll()
.and().rememberMe()
.tokenRepository(persistentTokenRepository())
.tokenValiditySeconds(600)
.userDetailsService(myUserDetailsService)
.and()
.csrf().disable();
http.headers().frameOptions().disable();
http.addFilterBefore(loginAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class);
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(myUserDetailsService).passwordEncoder(new MyEncoder());
}
@Bean
public SavedRequestAwareAuthenticationSuccessHandler loginSuccessHandler() { //登入处理
return new SavedRequestAwareAuthenticationSuccessHandler() {
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
SysUser userDetails = (SysUser) authentication.getPrincipal();
logger.info("USER : " + userDetails.getUsername() + " LOGIN SUCCESS ! ");
super.onAuthenticationSuccess(request, response, authentication);
}
};
}
public LoginAuthenticationFilter loginAuthenticationFilter() throws Exception {
LoginAuthenticationFilter loginAuthenticationFilter = new LoginAuthenticationFilter();
loginAuthenticationFilter.setAuthenticationManager(authenticationManager());
//只有post请求才拦截
loginAuthenticationFilter.setRequiresAuthenticationRequestMatcher(new AntPathRequestMatcher("/login", "POST"));
loginAuthenticationFilter.setAuthenticationSuccessHandler(loginSuccessHandler());
loginAuthenticationFilter.setConfigService(configService);
// loginAuthenticationFilter.setAuthenticationFailureHandler(securityAuthenticationFailureHandler);
return loginAuthenticationFilter;
}
@Bean
public PersistentTokenRepository persistentTokenRepository(){
// 如果token表不存在,使用下面语句可以初始化该表;若存在,请注释掉这条语句,否则会报错。
// tokenRepository.setCreateTableOnStartup(true);
//使用自定义PersistentTokenServiceImpl ehcache 实现
return new PersistentTokenServiceImpl();
}
}
```
PersistentTokenServiceImpl 实现了PersistentTokenRepository
登录可以成功,并且登录页面已经加入```<label><input type="checkbox" name="remember-me" value="true"/>自动登录</label></div>```
问题:死活不能生成token,没有进入PersistentTokenServiceImpl 断点看RememberMeConfigurer是有设置PersistentTokenRepository
WebSecurityConfigurerAdapter:
```
@Configuration
public class SpringSecurity extends WebSecurityConfigurerAdapter {
@Autowired
MyUserDetailsService myUserDetailsService;
@Autowired
private ISysConfigService configService;
@Override
protected AuthenticationManager authenticationManager() throws Exception {
return super.authenticationManager();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/js/**","/style/**", "/index.html","/*/verify.htm","/test/**").permitAll()
.anyRequest()
.authenticated()// 其他 url 需要身份认证
.and()
.formLogin() //开启登录
.loginPage("/login")// 指定登录请求的 url
// .successHandler(loginSuccessHandler())
.defaultSuccessUrl("/manage") // 登录成功后的 url
.permitAll()
.and()
.logout() //开启注销
.logoutUrl("/logout") //指定注销请求的 url (default is "/logout").
.logoutSuccessUrl("/view/admin/login") // 注销成功后的 url
.permitAll()
.and().rememberMe()
.tokenRepository(persistentTokenRepository())
.tokenValiditySeconds(600)
.userDetailsService(myUserDetailsService)
.and()
.csrf().disable();
http.headers().frameOptions().disable();
http.addFilterBefore(loginAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class);
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(myUserDetailsService).passwordEncoder(new MyEncoder());
}
@Bean
public SavedRequestAwareAuthenticationSuccessHandler loginSuccessHandler() { //登入处理
return new SavedRequestAwareAuthenticationSuccessHandler() {
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
SysUser userDetails = (SysUser) authentication.getPrincipal();
logger.info("USER : " + userDetails.getUsername() + " LOGIN SUCCESS ! ");
super.onAuthenticationSuccess(request, response, authentication);
}
};
}
public LoginAuthenticationFilter loginAuthenticationFilter() throws Exception {
LoginAuthenticationFilter loginAuthenticationFilter = new LoginAuthenticationFilter();
loginAuthenticationFilter.setAuthenticationManager(authenticationManager());
//只有post请求才拦截
loginAuthenticationFilter.setRequiresAuthenticationRequestMatcher(new AntPathRequestMatcher("/login", "POST"));
loginAuthenticationFilter.setAuthenticationSuccessHandler(loginSuccessHandler());
loginAuthenticationFilter.setConfigService(configService);
// loginAuthenticationFilter.setAuthenticationFailureHandler(securityAuthenticationFailureHandler);
return loginAuthenticationFilter;
}
@Bean
public PersistentTokenRepository persistentTokenRepository(){
// 如果token表不存在,使用下面语句可以初始化该表;若存在,请注释掉这条语句,否则会报错。
// tokenRepository.setCreateTableOnStartup(true);
//使用自定义PersistentTokenServiceImpl ehcache 实现
return new PersistentTokenServiceImpl();
}
}
```
PersistentTokenServiceImpl 实现了PersistentTokenRepository
登录可以成功,并且登录页面已经加入```<label><input type="checkbox" name="remember-me" value="true"/>自动登录</label></div>```
问题:死活不能生成token,没有进入PersistentTokenServiceImpl 断点看RememberMeConfigurer是有设置PersistentTokenRepository
...全文
请发表友善的回复…
发表回复
