热门标签
热门文章
- 1NLP技术在自然语言处理领域具有广泛的应用场景,除了之前提到的机器翻译、情感分析、文本分类、信息抽取、语音识别与合成
- 2Unity从Resource.Load() Sprite 加载不成功的问题。_readresource.loadresource
加载不到图片 - 3Docker安装部署Guacamole_docker安装guacamole
- 4ElasticSearch入门(六)SpringBoot2
- 5中国大学生计算机设计大赛2022年(第15届)数媒动画篇_大学生计算机设计大赛动画组每年的主题
- 6人工智能100问 - 5 什么是准确率、召回率、 F 值、 ROC 曲线、 AUC?_人工智能 召回率 准确率
- 7【【51单片机蜂鸣器实现起风了】】_蜂鸣器音乐代码起风了
- 8AI 操控战斗机战胜飞行员?道翰天琼认知智能机器人平台API接口大脑为您揭秘。_战机深度学习
- 9SpringBoot+Vue网上订餐系统(源码+论文+答辩PPT+开题报告)_springboot外卖答辩
- 10leetcode之模拟刷题总结1
当前位置: article > 正文
spring security @EnableWebSecurity自动配置DaoAuthenticationProvider流程_daoauthenticationprovider authprovider = new daoau
作者:Monodyee | 2024-05-04 10:25:11
赞
踩
daoauthenticationprovider authprovider = new daoauthenticationprovider(); se
版本
spring-security:6.2.1
满足下列情况时,spring-security会自动配置DaoAuthenticationProvider
- 使用@EnableWebSecurity
- 注册UserDetailsServiceBean
- 没有注册其他AuthenticationProvider类型的Bean
- 没有通过http.authenticationProvider配置
源码
org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
// 导入全局认证配置
@EnableGlobalAuthentication
public @interface EnableWebSecurity {}
- 1
- 2
- 3
org.springframework.security.config.annotation.authentication.configuration.EnableGlobalAuthentication
// 导入认证配置
@Import(AuthenticationConfiguration.class)
public @interface EnableGlobalAuthentication {}
- 1
- 2
- 3
org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration
public class AuthenticationConfiguration {
...
@Bean
public static InitializeUserDetailsBeanManagerConfigurer initializeUserDetailsBeanManagerConfigurer(
ApplicationContext context) {
return new InitializeUserDetailsBeanManagerConfigurer(context);
}
...
}
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
org.springframework.security.config.annotation.authentication.configuration.InitializeUserDetailsBeanManagerConfigurer
@Order(InitializeUserDetailsBeanManagerConfigurer.DEFAULT_ORDER)
class InitializeUserDetailsBeanManagerConfigurer extends GlobalAuthenticationConfigurerAdapter {
...
@Override
public void init(AuthenticationManagerBuilder auth) throws Exception {
auth.apply(new InitializeUserDetailsManagerConfigurer());
}
class InitializeUserDetailsManagerConfigurer extends GlobalAuthenticationConfigurerAdapter {
@Override
public void configure(AuthenticationManagerBuilder auth) throws Exception {
if (auth.isConfigured()) { // 如果认证提供者不为空(通过httpSecurity配置了认证提供者,或者注册了AuthenticationProvider类型的Bean),或者上级的认证管理器不为空则跳过
return;
}
UserDetailsService userDetailsService = getBeanOrNull(UserDetailsService.class);
if (userDetailsService == null) { // 如果没有注册 UserDetailsService Bean则跳过
return;
}
// 获取密码编码器 Bean
PasswordEncoder passwordEncoder = getBeanOrNull(PasswordEncoder.class);
// 获取 UserDetailsPasswordService Bean (用于密码重新编码)
UserDetailsPasswordService passwordManager = getBeanOrNull(UserDetailsPasswordService.class);
// 创建并注册 DaoAuthenticationProvider
DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
provider.setUserDetailsService(userDetailsService);
if (passwordEncoder != null) {
provider.setPasswordEncoder(passwordEncoder);
}
if (passwordManager != null) {
provider.setUserDetailsPasswordService(passwordManager);
}
provider.afterPropertiesSet();
auth.authenticationProvider(provider);
}
}
...
}
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
public class AuthenticationManagerBuilder
extends AbstractConfiguredSecurityBuilder<AuthenticationManager, AuthenticationManagerBuilder>
implements ProviderManagerBuilder<AuthenticationManagerBuilder> {
...
public boolean isConfigured() {
return !this.authenticationProviders.isEmpty() || this.parentAuthenticationManager != null;
}
...
}
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/Monodyee/article/detail/534037
推荐阅读
相关标签
