无法覆盖 AuthenticationSuccessHandler 的 onAuthenticationSuccess 方法
Can't override onAuthenticationSuccess method of AuthenticationSuccessHandler
在其他一些帖子之后,我试图覆盖 spring-security 处理程序的身份验证成功方法,但它从未被调用过。我的代码如下所示:
src/groovy/mypackage/MyAuthenticationSuccessHandler.groovy
:
package mypackage
import org.springframework.security.core.Authentication
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler
import javax.servlet.ServletException
import javax.servlet.http.HttpServletRequest
import javax.servlet.http.HttpServletResponse
public class MyAuthenticationSuccessHandler extends SavedRequestAwareAuthenticationSuccessHandler {
public MyAuthenticationSuccessHandler() {
println("constructed!")
}
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws ServletException, IOException {
println("override called")
super.onAuthenticationSuccess(request, response, authentication);
}
}
resources.groovy:
authenticationSuccessHandler(MyAuthenticationSuccessHandler) {
def conf = SpringSecurityUtils.securityConfig
requestCache = ref('requestCache')
defaultTargetUrl = conf.successHandler.defaultTargetUrl
alwaysUseDefaultTargetUrl = conf.successHandler.alwaysUseDefault
targetUrlParameter = conf.successHandler.targetUrlParameter
useReferer = conf.successHandler.useReferer
redirectStrategy = ref('redirectStrategy')
}
没有错误,肯定会调用构造函数并将 MyAuthenticationSuccessHandler
注入到测试控制器中,但从未调用 onAuthenticationSuccess
。我在 superclass 版本中放置了一个断点并且有效。我还尝试在 java 中重写我的自定义 class 但这没有用。
我做错了什么?
原来另一个登录过滤器已经处于活动状态,它阻止了正常方法的工作。有问题的过滤器是 org.mitre.openid.connect.client.OIDCAuthenticationFilter
,解决方法是通过该过滤器注入成功处理程序,例如:
authenticationSuccessHandler(apipulse.MyAuthenticationSuccessHandler) {
clientRegistrationTemplate = ref(clientRegistrationTemplate)
}
...
openIdConnectAuthenticationFilter(OIDCAuthenticationFilter) {
...
authenticationSuccessHandler = ref('authenticationSuccessHandler')
}
刚刚浪费了一天时间看这个 - 非常感谢,spring。
在其他一些帖子之后,我试图覆盖 spring-security 处理程序的身份验证成功方法,但它从未被调用过。我的代码如下所示:
src/groovy/mypackage/MyAuthenticationSuccessHandler.groovy
:
package mypackage
import org.springframework.security.core.Authentication
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler
import javax.servlet.ServletException
import javax.servlet.http.HttpServletRequest
import javax.servlet.http.HttpServletResponse
public class MyAuthenticationSuccessHandler extends SavedRequestAwareAuthenticationSuccessHandler {
public MyAuthenticationSuccessHandler() {
println("constructed!")
}
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws ServletException, IOException {
println("override called")
super.onAuthenticationSuccess(request, response, authentication);
}
}
resources.groovy:
authenticationSuccessHandler(MyAuthenticationSuccessHandler) {
def conf = SpringSecurityUtils.securityConfig
requestCache = ref('requestCache')
defaultTargetUrl = conf.successHandler.defaultTargetUrl
alwaysUseDefaultTargetUrl = conf.successHandler.alwaysUseDefault
targetUrlParameter = conf.successHandler.targetUrlParameter
useReferer = conf.successHandler.useReferer
redirectStrategy = ref('redirectStrategy')
}
没有错误,肯定会调用构造函数并将 MyAuthenticationSuccessHandler
注入到测试控制器中,但从未调用 onAuthenticationSuccess
。我在 superclass 版本中放置了一个断点并且有效。我还尝试在 java 中重写我的自定义 class 但这没有用。
我做错了什么?
原来另一个登录过滤器已经处于活动状态,它阻止了正常方法的工作。有问题的过滤器是 org.mitre.openid.connect.client.OIDCAuthenticationFilter
,解决方法是通过该过滤器注入成功处理程序,例如:
authenticationSuccessHandler(apipulse.MyAuthenticationSuccessHandler) {
clientRegistrationTemplate = ref(clientRegistrationTemplate)
}
...
openIdConnectAuthenticationFilter(OIDCAuthenticationFilter) {
...
authenticationSuccessHandler = ref('authenticationSuccessHandler')
}
刚刚浪费了一天时间看这个 - 非常感谢,spring。