Spring-security is not picking up my authentication manager_问答_开发者

Spring-security is not picking up my authentication manager

开发者 https://www.devze.com 2022-12-18 18:09 出处：网络

I am screwed with the spring security configuration issue Here is my configuration <security:global-method-security pre-post-annotations=\"enabled\" />

I am screwed with the spring security configuration issue

Here is my configuration

    <security:global-method-security pre-post-annotations="enabled" />

<security:http auto-config="true">
    <security:intercept-url pattern="/dologin"     access="ROLE_USER,ROLE_ANONYMOUS" /&开发者_如何转开发gt;
    <security:form-login login-processing-url="/security_check" login-page="/onlogin" always-use-default-target="false" authentication-failure-url="/onlogin" default-target-url="/home"  />
    <security:logout invalidate-session="true" logout-url="/logout" logout-success-url="/onlogout" />
    <security:remember-me />
    <security:http-basic/>
</security:http>

<security:authentication-manager alias="authenticationManager">
    <security:authentication-provider ref="daoAuthenticationProvider"/>
</security:authentication-manager>

<bean id="anonymousAuthenticationProvider"
    class="org.springframework.security.authentication.AnonymousAuthenticationProvider">
    <property name="key" value="badgerbadgerbadger" />
</bean>

<bean id="daoAuthenticationProvider"
    class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
    <property name="userDetailsService" ref="userDetailsService" />
</bean>

My problem is that when a request comes for authentication; I find there are only two providers registered.

org.springframework.security.authentication.AnonymousAuthenticationProvider@8fe4ad
org.springframework.security.authentication.RememberMeAuthenticationProvider@1db9cb9

What might me going wrong? Please describe?

I believe you need to identify your custom provider to spring security by using the security:custom-authentication-provider tag.

For example:

<bean id="daoAuthenticationProvider"
     class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
    <security:custom-authentication-provider />
    <property name="userDetailsService" ref="userDetailsService" />
</bean>

You may need that on your anonymousAuthenticationProvider bean also.

Try the following:

<security:authentication-manager>
    <security:authentication-provider user-service-ref="userDetailsService"/>
</security:authentication-manager>

in your daoAuthenticationProvider you have a reference to userDetailsService, but I don't see such bean in your configuration.
check pervious error messages, I would expect to see a reference to missed bean there.

Use/define 'id' while defining security authentication manager.

For Example:

<security:authentication-manager id="authenticationManager" alias="authenticationManager">
    <security:authentication-provider ref="daoAuthenticationProvider"/>
</security:authentication-manager>