spring安全授权服务器

yvgpqqbh  于 2021-07-07  发布在  Java
关注(0)|答案(2)|浏览(452)

我在spring中配置oauth2身份验证服务器时遇到问题,我有我的自定义authenticationprovider,我正在定义我自己的authenticationmanager,但是每次我向“/oauth/token”请求令牌时,我都会看到spring在spring定义的providermanager中不断注入并调用默认的daoauthenticationprovider。
这是我的配置类:

@Configuration
public class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter {

    private AuthenticationManager authenticationManager;

    public AuthorizationServerConfiguration(AuthenticationManager authenticationManager) {
        this.authenticationManager = authenticationManager;
    }

    @Bean
    PasswordEncoder passwordEncoder() {
        return PasswordEncoderFactories.createDelegatingPasswordEncoder();
    }

    @Bean
    JwtAccessTokenConverter accessTokenConverter() {
        JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
        return converter;
    }

    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
        endpoints.authenticationManager(authenticationManager);
    }

}
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    private AuthenticationProvider authenticationProvider;

    public WebSecurityConfig(AuthenticationProvider authenticationProvider) {
        this.authenticationProvider = authenticationProvider;
    }

    @Override
    @Bean
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return new ProviderManager(authenticationProvider);
    }
}

提前谢谢
编辑

@Service
public class CustomAuthenticationProvider extends AbstractUserDetailsAuthenticationProvider {

    private ADCustomerService adCustomerService;

    public CustomAuthenticationProvider(ADCustomerService adCustomerService) {
        this.adCustomerService = adCustomerService;
    }

    @Override
    protected void additionalAuthenticationChecks(UserDetails userDetails, UsernamePasswordAuthenticationToken authentication) throws AuthenticationException {

    }

    @Override
    protected UserDetails retrieveUser(String username, UsernamePasswordAuthenticationToken authentication) throws AuthenticationException {
        return adCustomerService.retrieveUser(username, authentication);
    }
}
6qftjkof

6qftjkof1#

你需要重写 configure(AuthenticationManagerBuilder auth)WebSecurityConfigurerAdapter
最后一节课应该是这样的

@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private CustomAuthenticationProvider authenticationProvider;

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.authenticationProvider(authenticationProvider);
    }

}
zf9nrax1

zf9nrax12#

按以下方式编辑您的WebSecurity配置:

@EnableWebSecurity
    public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
        private AuthenticationProvider authenticationProvider;

        public WebSecurityConfig(AuthenticationProvider authenticationProvider) {
            this.authenticationProvider = authenticationProvider;
        }

        @Override
        @Bean
        public AuthenticationManager authenticationManagerBean() throws Exception {
            return new ProviderManager(authenticationProvider);
        }
    }

@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    private CustomAuthenticationProvider customAuthenticationProvider;

    public WebSecurityConfig(AuthenticationProvider authenticationProvider) {
        this.authenticationProvider = authenticationProvider;
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.authenticationProvider(customAuthenticationProvider);
    }

    @Override
    @Bean
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return new ProviderManager(authenticationProvider);
    }
}

相关问题