gpt4 book ai didi

spring-boot - Spring Security : what function does AuthenticationManager. authenticate() 执行

转载 作者:行者123 更新时间:2023-12-04 14:22:43 26 4
gpt4 key购买 nike

我已经使用 JWT 研究 Spring 安全性一段时间了,我注意到在我阅读的每个教程中,用户名和密码都被获取,包装在 UsernamePasswordAuthenticationToken 中并传递给 AuthenticationManager.authenticate() 之类的东西:

@RequestMapping(value = "${jwt.route.authentication.path}", method = RequestMethod.POST)
public ResponseEntity<?> createAuthenticationToken(@RequestBody JwtAuthenticationRequest authenticationRequest) throws AuthenticationException {

authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(authenticationRequest.getUsername(), authenticationRequest.getPassword()));

// Reload password post-security so we can generate the token
final UserDetails userDetails = userDetailsService.loadUserByUsername(authenticationRequest.getUsername());
final String token = jwtTokenUtil.generateToken(userDetails);

// Return the token
return ResponseEntity.ok(new JwtAuthenticationResponse(token));
}

我的问题是 authenticate 方法是做什么的,为什么要使用它?

最佳答案

来自Spring Security Reference :

AuthenticationManager is just an interface, so the implementation can be anything we choose. (...) The default implementation in Spring Security is called ProviderManager and rather than handling the authentication request itself, it delegates to a list of configured AuthenticationProviders, each of which is queried in turn to see if it can perform the authentication. Each provider will either throw an exception or return a fully populated Authentication object.

关于spring-boot - Spring Security : what function does AuthenticationManager. authenticate() 执行,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/52173405/

26 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com