1. 首頁
  2. 問答
  3. spring-social Facebook登錄未設置身份驗證對象

spring-social Facebook登錄未設置身份驗證對象

2016-11-21 65 views
0

我正在使用Facebook登錄在我的應用程序中進行身份驗證。我使用認證過濾器。spring-social Facebook登錄未設置身份驗證對象

身份驗證正常,但是當它重定向回主頁時,過濾器似乎沒有設置Authentication對象,因此調用SecurityContextHolder.getContext()。getAuthentication()將返回null。這隻會在用戶授權我們的應用程序時第一次發生。那之後不會發生。

當前要獲取認證對象集,用戶必須「登錄facebook」兩次。第二次它實際上沒有做任何登錄,過濾器看起來像是在拾取cookie並進行身份驗證,甚至不需要再去Facebook。

所以我的問題是爲什麼我需要通過兩次過濾器?或者我怎樣才能避免這種情況?

配置是這樣的:

<bean id="authenticationEntryPoint" class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint"> 
     <constructor-arg value="/login"/> 
     <property name="useForward" value="true"/> 
    </bean> 

    <bean class="com.gigi.web.SpringDataUserDetailsService" id="userService"/> 

    <security:authentication-manager alias="authenticationManager"> 
     <security:authentication-provider user-service-ref="userService"/> 
     <security:authentication-provider ref="socialAuthenticationProvider" /> 
    </security:authentication-manager> 

    <bean class="org.springframework.social.security.SocialAuthenticationFilter" id="socialAuthenticationFilter"> 
     <constructor-arg ref="authenticationManager" /> 
     <constructor-arg ref="userIdSource" /> 
     <constructor-arg ref="usersConnectionRepository" /> 
     <constructor-arg ref="connectionRegistry" /> 

     <property name="postLoginUrl" value="/home" /> 
     <property name="defaultFailureUrl" value="/login?error&amp;social" /> 
     <property name="signupUrl" value="/user/signup" /> 
    </bean> 

    <bean class="org.springframework.social.connect.web.ProviderSignInUtils"> 
     <constructor-arg ref="connectionRegistry"/> 
     <constructor-arg ref="usersConnectionRepository"/> 
    </bean> 

    <bean id="userIdSource" class="org.springframework.social.security.AuthenticationNameUserIdSource" /> 

    <bean id="socialAuthenticationProvider" 
     class="org.springframework.social.security.SocialAuthenticationProvider"> 
     <constructor-arg ref="usersConnectionRepository" /> 
     <constructor-arg ref="userService" /> 
    </bean> 

    <bean id="userSocialConnectionService" class="com.gigi.web.UserSocialConnectionController"></bean> 

    <bean id="usersConnectionRepository" class="com.gigi.social.SpringDataUsersConnectionRepository"> 
     <constructor-arg ref="connectionRegistry" /> 
    </bean> 

    <bean id="connectionRegistry" 
      class="org.springframework.social.security.SocialAuthenticationServiceRegistry"> 
     <property name="authenticationServices"> 
      <list> 
       <bean class="org.springframework.social.facebook.security.FacebookAuthenticationService"> 
        <constructor-arg value="${facebook.app.id}" /> 
        <constructor-arg value="${facebook.app.secret}" /> 
        <constructor-arg value="${facebook.app.namespace}" /> 
       </bean> 
      </list> 
     </property> 
    </bean>

來源

2016-11-21 Stef

回答

0

它看起來像春天不處理它自己,這還挺有道理,雖然我覺得它應該爲配置是可能的,而不是寫代碼。無論如何,這裏是我們如何做到的:

@RequestMapping("/signup") 
public String signUp(WebRequest request) { 
    Connection<?> connection = providerSignInUtils.getConnectionFromSession(request); 
    User user = usersConnectionRepository.createUser(connection); 
    getRepository().save(user); 
    providerSignInUtils.doPostSignUp(user.getId().toString(), request); 
    // the following will automatically log in the user after sign up 
    SecurityContextHolder.getContext().setAuthentication(new SocialAuthenticationToken(connection, user, null, user.getAuthorities())); 
    return "redirect:/home"; 
}

來源

2017-07-19 10:15:56 Stef

相關問題

 相關問題