
java - Overriding existing Spring Security authentication

Reposted. Author: 太空宇宙. Updated: 2023-11-04 11:44:17

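How can I override the existing Spring Security authentication by calling a web service, and, when that fails, redirect to some third-party login page?

To call this authentication web service I need to get some ServletRequest parameters, and to redirect I need access to the ServletResponse.

So I need to find some authentication method that takes ServletRequest and ServletResponse parameters.

However, I still have not been able to find such a ProcessingFilter or AuthenticationProvider.

According to the Spring Security basics, it seems I have to override the authenticate method of an AuthenticationProvider.

According to the use case, I have to implement Spring Security pre-authentication,

but the problem is that the "authenticate" method of PreAuthenticatedAuthenticationProvider only has an Authentication parameter.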

PreAuthenticatedAuthenticationProvider

    public class PreAuthenticatedAuthenticationProvider implements
            AuthenticationProvider, InitializingBean, Ordered {

        public Authentication authenticate(Authentication authentication) {}

    }

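As a solution, is it possible to use a custom implementation of AuthenticationFailureHandler?

Thanks.

Best answer

I solved the problem in the following way:

  • Implement a custom AbstractPreAuthenticatedProcessingFilter

Override the doFilter method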

    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {

        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) res;

        try {

            // Get the current Authentication object from the SecurityContext
            Authentication auth = SecurityContextHolder.getContext().getAuthentication();

            // Call the third-party WS when the Authentication object is null
            if (auth == null) {

                logger.debug("doFilter : Proceed the authentication");

                String appId = "My_APP_ID";
                String redirectURL = request.getRequestURL().toString();

                // Call the third-party WS to authenticate
                if (WS_Authenticator.isAuthenticated(appId, redirectURL)) {

                    // Successfully authenticated
                    logger.debug("doFilter : WS authentication success");

                    // Get the authenticated username
                    String userName = WS_Authenticator.getUserName();

                    // Put that username on the request
                    request.setAttribute("userName", userName);

                } else {

                    // Named authorizedURL because redirectURL is already declared
                    // in the enclosing block; redeclaring it does not compile
                    String authorizedURL = WS_Authenticator.getAuthorizedURL();
                    logger.debug("doFilter : WS authentication failed");
                    logger.debug("doFilter : WS redirect URL : " + authorizedURL);

                    response.setStatus(HttpServletResponse.SC_MOVED_PERMANENTLY);
                    // sendRedirect() sends a 302 (temporary) redirect, replacing the status set above
                    response.sendRedirect(authorizedURL);

                    // Return to bypass the filter chain
                    return;
                }

            } else {
                logger.debug("doFilter : Already authenticated");
            }

        } catch (Exception e) {
            logger.error("doFilter: " + e.getMessage());
        }

        super.doFilter(request, response, chain);
        return;
    }

Override the getPreAuthenticatedCredentials method

    @Override
    protected Object getPreAuthenticatedCredentials(HttpServletRequest request) {

        // Get the authenticated username
        String[] credentials = new String[1];
        credentials[0] = (String) request.getAttribute("userName");

        return credentials;
    }

  • Implement CustomAuthenticationUserDetailsServiceImpl

Override the loadUserDetails method

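    import java.util.List;

    import org.apache.log4j.Logger; // log4j 1.x assumed from Logger.getLogger(Class)
    import org.springframework.beans.factory.annotation.Autowired;
    import org.springframework.security.core.Authentication;
    import org.springframework.security.core.userdetails.AuthenticationUserDetailsService;
    import org.springframework.security.core.userdetails.UserDetails;
    import org.springframework.security.core.userdetails.UsernameNotFoundException;

    // User and UserDataService are the application's own classes
    public class CustomAuthenticationUserDetailsServiceImpl implements AuthenticationUserDetailsService<Authentication> {

        protected static final Logger logger = Logger.getLogger(CustomAuthenticationUserDetailsServiceImpl.class);

        @Autowired
        private UserDataService userDataService;

        public UserDetails loadUserDetails(Authentication token) throws UsernameNotFoundException {

            // Get the authenticated username
            String[] credentials = (String[]) token.getCredentials();
            String userName = credentials[0];

            try {

                // Get the user by username
                User user = userDataService.getDetailsByUserName(userName);

                // Get the user's authorities by username
                List<String> roles = userDataService.getRolesByUserName(userName);
                user.setCustomerAuthorities(roles);
                return user;

            } catch (Exception e) {
                logger.debug("loadUserDetails: User not found! " + e.getMessage());
                // Report the failure through the declared exception; a null return
                // makes the provider's account-status check fail with a NullPointerException
                throw new UsernameNotFoundException("User not found: " + userName, e);
            }
        }
    }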
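
One way to wire the two classes from the answer together, as an added example that is not part of the original answer. It assumes Spring Security 5.7 or later with Java configuration, a hypothetical class name `WsPreAuthFilter` for the answer's filter subclass, and that `CustomAuthenticationUserDetailsServiceImpl` is registered as a bean.

```java
import java.util.Collections;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.ProviderManager;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider;

@Configuration
@EnableWebSecurity
public class PreAuthSecurityConfig { // hypothetical class name

    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http,
            CustomAuthenticationUserDetailsServiceImpl userDetailsService) throws Exception {

        // The provider turns the token built by the filter into a full
        // Authentication by asking the custom service for the UserDetails.
        PreAuthenticatedAuthenticationProvider provider = new PreAuthenticatedAuthenticationProvider();

        // The provider expects AuthenticationUserDetailsService<PreAuthenticatedAuthenticationToken>,
        // while the answer's class is typed on Authentication. A method reference
        // bridges the two without an unchecked cast.
        provider.setPreAuthenticatedUserDetailsService(userDetailsService::loadUserDetails);

        // Only the pre-authentication provider is registered, so no
        // password-based login can succeed through this manager.
        AuthenticationManager manager = new ProviderManager(Collections.singletonList(provider));

        // WsPreAuthFilter (hypothetical name) is the AbstractPreAuthenticatedProcessingFilter
        // subclass with the doFilter and getPreAuthenticatedCredentials overrides.
        // It is created here, not as a @Bean, so the servlet container does not
        // register it a second time outside the security chain.
        WsPreAuthFilter filter = new WsPreAuthFilter();
        filter.setAuthenticationManager(manager);

        http.addFilter(filter) // placed at the framework's pre-auth filter position
            // Any request the filter did not authenticate (for example because
            // the web-service call threw and was only logged) is rejected here.
            .authorizeHttpRequests(auth -> auth.anyRequest().authenticated());

        return http.build();
    }
}
```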

Regarding java - Overriding existing Spring Security authentication, we found a similar question on Stack Overflow: https://stackoverflow.com/questions/42481853/
