java - 具有自定义AuthenticationManager的SpringSecurity BasicAuthenticationFilter

对于BasicAuthenticationFilter，我尝试注入自己的AuthenticationManager。
但是，当我调试启动程序时，我总是发现Class BasicAuthenticationFilter.java类没有使用我的AuthenticationManager。

如何将其传递给BasicAuthenticationFilter？

我正在使用SpringBoot 2.1.0和Spring-Security-Oauth2 2.0.1

AuthorizationConfiguration.java

@Configuration
@EnableAuthorizationServer
public class AuthorizationConfiguration extends
AuthorizationServerConfigurerAdapter {

@Autowired
private AuthenticationManager authenticationManager;

@Autowired
@Qualifier("passwordEncoder")
private PasswordEncoder passwordEncoder;

@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
    System.out.println(passwordEncoder.encode("SECRET"));
    clients
    .inMemory()
    .withClient("clientapp")
    .authorizedGrantTypes("client_credentials")
    .authorities("USER")
    .scopes("read", "write")
    .secret(passwordEncoder.encode("SECRET"));

}

@Override
public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
    security.tokenKeyAccess("permitAll()");
}

@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
    endpoints.authenticationManager(authenticationManager);
}
}

WebSecurityConfiguration.java

@Configuration
@EnableWebSecurity
public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter{

@Override
@Bean(name = BeanIds.AUTHENTICATION_MANAGER)
@Primary
public AuthenticationManager authenticationManagerBean() throws Exception {
    return super.authenticationManager();
}


@Bean
public PasswordEncoder passwordEncoder() {
    return new BCryptPasswordEncoder(16);
}

@Override
public void configure(WebSecurity web) throws Exception {
    web.ignoring()
    .antMatchers(ResourceConfiguration.TEST_PATHS);
}

@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
    DaoAuthenticationProvider daoAuth = new DaoAuthenticationProvider();
    daoAuth.setPasswordEncoder(passwordEncoder());
    auth.authenticationProvider(daoAuth);
}

谢谢您的帮助。

最佳答案

在您的WebSecurityConfiguration中，authenticationManagerBean（）应该返回您自己的AuthenticationManager bean实例，而不是super.authenticationManager（）？