【Spring Security】 AbstractAuthenticationProcessingFilter
【Spring Security】 AbstractAuthenticationProcessingFilter
Metadata
title: 【Spring Security】 AbstractAuthenticationProcessingFilter
date: 2023-02-01 19:44
tags:
- 行动阶段/完成
- 主题场景/组件
- 笔记空间/KnowladgeSpace/ProgramSpace/ModuleSpace
- 细化主题/Module/SpringSecurity
categories:
- SpringSecurity
keywords:
- SpringSecurity
description: 【Spring Security】 AbstractAuthenticationProcessingFilter
【Spring Security】 AbstractAuthenticationProcessingFilter
AbstractAuthenticationProcessingFilter 是一个模板类,定义了认证处理的过程,用作 Filter 验证用户的基础。
核心源码:
private void doFilter(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
throws IOException, ServletException {
//
if (!requiresAuthentication(request, response)) {
chain.doFilter(request, response);
return;
}
try {
// 认证
Authentication authenticationResult = attemptAuthentication(request, response);
if (authenticationResult == null) {
// return immediately as subclass has indicated that it hasn't completed
return;
}
// Session 策略管理
this.sessionStrategy.onAuthentication(authenticationResult, request, response);
// Authentication success
if (this.continueChainBeforeSuccessfulAuthentication) {
chain.doFilter(request, response);
}
// 成功处理
successfulAuthentication(request, response, chain, authenticationResult);
} catch (InternalAuthenticationServiceException failed) {
this.logger.error("An internal error occurred while trying to authenticate the user.", failed);
// 失败处理
unsuccessfulAuthentication(request, response, failed);
} catch (AuthenticationException ex) {
// Authentication failed
// 失败处理
unsuccessfulAuthentication(request, response, ex);
}
}
AbstractAuthenticationProcessingFilter 可以对提交给它的任何身份验证请求进行身份验证。
本博客所有文章除特别声明外,均采用 CC BY-NC-SA 4.0 许可协议。转载请注明来自 蝶梦庄生!
wechat
alipay
相关推荐
评论