Java – (custom) exception of restauthenticationprocessingfilter ordering
•
Java
I tried to add rest authentication to my application with a token
public class RestAuthenticationProcessingFilter extends GenericFilterBean {
@Override
public void doFilter(ServletRequest arg0,ServletResponse arg1,FilterChain arg2) throws IOException,ServletException {
System.out.println(arg0);
// EDIT 25/02/2014
arg2.doFilter(arg0,arg1);
}
}
I am using spring 4.0 and spring security 3.2 with javaconfig
I added this to my adapter:
@Override
protected void configure(HttpSecurity http) throws Exception {
/*
* @RemarqueDev Différence entre permitAll et anonymous : permitAll
* contient anonymous. Anonymous uniquement pour non connecté
*/
http.addFilter(new RestAuthenticationProcessingFilter());
http.csrf().disable().headers().disable();
http.exceptionHandling().authenticationEntryPoint(new RestAuthenticationEntryPoint());
When I run the jetty server, I receive this message:
Nested in org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'springSecurityFilterChain' defined in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration: Instantiation of bean Failed; nested exception is org.springframework.beans.factory.BeanDeFinitionStoreException: Factory method [public javax.servlet.Filter org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration.springSecurityFilterChain() throws java.lang.Exception] threw exception; nested exception is java.lang.IllegalArgumentException: The Filter class my.package.config.RestAuthenticationProcessingFilter does not have a registered order and cannot be added without a specified order. Consider using addFilterBefore or addFilterAfter instead.:
java.lang.IllegalArgumentException: The Filter class com.jle.athleges.config.RestAuthenticationProcessingFilter does not have a registered order and cannot be added without a specified order. Consider using addFilterBefore or addFilterAfter instead.
at org.springframework.security.config.annotation.web.builders.HttpSecurity.addFilter(HttpSecurity.java:1122)
Why?
thank you
Solution
AddFilter:
Your filter is not an instance or extension of a filter within the security framework
But you can use addfilterbefore or addfilterafter
For example:
addFilterBefore(new RestAuthenticationProcessingFilter(),BasicAuthenticationFilter.class)
You can find the order of the security filter chain in the document:
http://docs.spring.io/spring-security/site/docs/3.2.0.RELEASE/apidocs/org/springframework/security/config/annotation/web/HttpSecurityBuilder.html#addFilter%28javax.servlet.Filter%29
The content of this article comes from the network collection of netizens. It is used as a learning reference. The copyright belongs to the original author.
THE END
二维码