短信验证码
来源:1-1 导学
weixin_慕侠4293963
2020-05-16
4-12短信验证码问题:
@Override
protected void configure(HttpSecurity http) throws Exception {
ValidateCodeFilter validateCodeFilter = new ValidateCodeFilter();
validateCodeFilter.setAuthenticationFailureHandler(fgsAuthenticationFailureHandler);
validateCodeFilter.setSecurityProperties(securityProperties);
validateCodeFilter.afterPropertiesSet();
SmsCodeFilter smsCodeFilter = new SmsCodeFilter();
smsCodeFilter.setAuthenticationFailureHandler(fgsAuthenticationFailureHandler);
smsCodeFilter.setSecurityProperties(securityProperties);
validateCodeFilter.afterPropertiesSet();
http.addFilterBefore(smsCodeFilter,UsernamePasswordAuthenticationFilter.class)
.addFilterBefore(validateCodeFilter,UsernamePasswordAuthenticationFilter.class)
.formLogin()
.loginPage("/authentication/require")
.loginProcessingUrl("/authentication/form")
.successHandler(fgsAuthenticationSuccessHandler)
.failureHandler(fgsAuthenticationFailureHandler)
.and()
.rememberMe()
.tokenRepository(persistentTokenRepository())
.tokenValiditySeconds(securityProperties.getBrowser().getRememberMeSeconds())
.userDetailsService(userDetailsService)
//http.httpBasic()
.and()
.authorizeRequests()
.antMatchers("/authentication/require","/authentication/mobile",securityProperties.getBrowser().getLoginPage(),
"/code/*").permitAll()
.anyRequest()
.authenticated()
.and()
.csrf().disable()
.apply(smsCodeAuthenticationSecurityConfig);
}
启动项目,图形验证码过滤器起作用可以返回{“content”:“验证码的值不能为空”});短信验证码filter无效,即使不发送验证码,直接点登陆也能返回用户信息?
写回答
1回答
-
JoJo
2020-05-25
跟踪一下代码定位一下问题吧,看看是filter本身没起作用,还是filter内的逻辑有问题。
00
Spring Security技术栈开发企业级认证与授权
Spring Security技术栈,REST风格开发常见接口,独立开发认证授权模块保证REST服务安全
2662 学习 · 1561 问题
相似问题