未找到 UsernamePasswordAuthenticationToken 的 AuthenticationProvider

Question

我的 web.xml 配置是

<filter>
        <filter-name>springSecurityFilterChain</filter-name>
        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    </filter>

    <filter-mapping>
        <filter-name>springSecurityFilterChain</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

这是我的安全配置

    <intercept-url pattern="/*" access="ROLE_USER" />
    <intercept-url pattern="/*.ico"  filters="none" />


</http>

 <beans:bean id="customAuthenticationProvider" class="net.spring3.provider.MyAuthProvider"  />

    <authentication-manager>

        <authentication-provider ref="customAuthenticationProvider" /> 

    </authentication-manager>

这是我的 customAuthProvider 类

public class MyAuthProvider implements AuthenticationProvider  {


    @Override
    public boolean supports(Class<? extends Object> arg0) {
        // TODO Auto-generated method stub
        return false;
    }


     @SuppressWarnings("serial")
        private static Map<String, String> SIMPLE_USERS = new HashMap<String, String>(2) {{
            put("joe", "joe");
            put("bob", "bob");
        }};

        @SuppressWarnings("serial" )
        private static List<GrantedAuthority> AUTHORITIES = new ArrayList<GrantedAuthority>(1) {{
            add(new GrantedAuthorityImpl("ROLE_USER"));
        }};

        @Override
        public Authentication authenticate(Authentication auth) throws AuthenticationException
        {
            // All your user authentication needs
            System.out.println("==Authenticate Me==");
            if (SIMPLE_USERS.containsKey(auth.getPrincipal()) 
                && SIMPLE_USERS.get(auth.getPrincipal()).equals(auth.getCredentials()))
            {
                return new UsernamePasswordAuthenticationToken(auth.getName(), auth.getCredentials(), AUTHORITIES);
            }
            throw new BadCredentialsException("Username/Password does not match for " + auth.getPrincipal());
        }




}

页面显示登录表单，当我输入 bob 和 bob 作为登录时，它会抛出以下错误。

Your login attempt was not successful, try again.

Reason: No AuthenticationProvider found for org.springframework.security.authentication.UsernamePasswordAuthenticationToken

我检查了调试级别 ALL 的日志，这就是我得到的。

FINE: Request is to process authentication
Nov 17, 2011 5:37:36 AM org.springframework.context.support.AbstractApplicationContext publishEvent
FINEST: Publishing event in Root WebApplicationContext: org.springframework.security.authentication.event.AuthenticationFailureProviderNotFoundEvent[source=org.springframework.security.authentication.UsernamePasswordAuthenticationToken@ffff8dfd: Principal: sd; Credentials: [PROTECTED]; Authenticated: false; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffe3f86: RemoteIpAddress: 127.0.0.1; SessionId: x4lg4vtktpw9; Not granted any authorities]
Nov 17, 2011 5:37:36 AM org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter unsuccessfulAuthentication
FINE: Authentication request failed: org.springframework.security.authentication.ProviderNotFoundException: No AuthenticationProvider found for org.springframework.security.authentication.UsernamePasswordAuthenticationToken

对此有任何帮助..我在这里做错了什么？

Answer 1

正如您在评论中已经写的那样，问题是您总是在您的身份验证提供程序的supports() 方法中返回false。但不要总是返回true，您应该检查authentication，您会得到这样的结果：

public class MyAuthenticationProvider implements AuthenticationProvider, Serializable {

    @Override
    public boolean supports(Class<? extends Object> authentication) {
        return (UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication));
    }

    // ...
}

Answer 2

我遇到了同样的问题。在我的情况下，解决方案是在身份验证通过后将 AbstractAuthenticationToken.setAuthenticated 设置为 true。