Spring Boot中成功身份验证后未生成java JWT令牌
我为每个请求创建了两个过滤器JWTUserName、PasswordFilter和JwtTokenVerifier。我以前使用过这两个过滤器,它们都很有效。我认为主要问题在于我的Spring安全配置。当我调试这两个过滤器时,只会识别JwtTokenVerified,而根本不会调用JWTUserName和PasswordFilter。当我用application/json内容类型从PostMan发出请求时,服务器会给我一个错误:
class path resource [templates/logIn.html] cannot be opened because it does not exist
/登录控制器
@RequestMapping(value="/logIn",method = {RequestMethod.POST,RequestMethod.GET})
public void login(){
}
Spring安全配置
@EnableGlobalMethodSecurity(prePostEnabled = true)
@EnableWebSecurity
@Configuration
@Builder
@AllArgsConstructor(onConstructor = @__(@Autowired))
public class SecurityConfig extends WebSecurityConfigurerAdapter {
private SecureUserDaoService secureUserDaoService;
private JwtConfig jwtConfig;
private SecretKey secretKey;
private PasswordEncoder passwordEncoder;
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.csrf().disable()
.sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.addFilter(new JwtUsernameAndPasswordFilter(authenticationManager(), jwtConfig, secretKey))
.addFilterAfter(new JwtTokenVerifier(secretKey, jwtConfig), JwtUsernameAndPasswordFilter.class)
.authorizeRequests()
.antMatchers("/accountPage", "/accountSettings").authenticated()
.antMatchers("/", "/signUp", "/logIn").permitAll()
.anyRequest().authenticated()
.and()
.formLogin()
.failureUrl("/")
.successForwardUrl("/accountPage");
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.authenticationProvider(daoAuthenticationProvider());
}
@Bean
public DaoAuthenticationProvider daoAuthenticationProvider(){
DaoAuthenticationProvider provider =
new DaoAuthenticationProvider();
provider.setPasswordEncoder(passwordEncoder);
provider.setUserDetailsService(secureUserDaoService);
return provider;
}
githubrepo
更新:
通过在客户端中调用“/login”而不是“/login”,它就可以工作了,因为即使在我添加。登录页面(“/logIn”)和。logInProcessingUrl(“/logIn”)。当spring通过过滤链时,它似乎仍然无法识别我的自定义登录控制器。如果您知道更好的解决方案,请随时在下面发表评论
共 (0) 个答案