如何将spring配置为在http基本身份验证中使用AuthenticationManager和我的自定义UserDetailService实现?
我试过这个:
@Bean
public SecurityFilterChain configure(HttpSecurity http, PasswordEncoder bCryptPasswordEncoder) throws Exception {
AuthenticationManager authManager = http.getSharedObject(AuthenticationManagerBuilder.class)
.userDetailsService(new UserDetailServiceImpl(userManager))
.passwordEncoder(bCryptPasswordEncoder)
.and()
.authenticationProvider(new DaoAuthenticationProvider()).build();
http.httpBasic().configure(http.authenticationManager(authManager));
return http.build();
}
但是BasicAuthentication筛选器没有注册authManager。
我可以做一些类似的事情:
BasicAuthenticationFilter filter = new BasicAuthenticationFilter(authManager);
http.addFilter(filter);
但可能有一种不同的、更标准的方法来做到这一点
好的,显然不需要配置身份验证管理器。对于基本身份验证,提供UserDetailService就足够了,如下所示:
@Bean
public SecurityFilterChain configureFilterChain(HttpSecurity http) throws Exception {
return http.authorizeHttpRequests().anyRequest().authenticated()
.and().httpBasic().authenticationEntryPoint(bookieAuthenticationEntryPoint)
.and().userDetailsService(new UserDetailServiceImpl(userManager))
.formLogin().disable()
.and().build()