0
我正在使用Facebook登录在我的应用程序中进行身份验证。我使用认证过滤器。spring-social Facebook登录未设置身份验证对象
身份验证正常,但是当它重定向回主页时,过滤器似乎没有设置Authentication对象,因此调用SecurityContextHolder.getContext()。getAuthentication()将返回null。这只会在用户授权我们的应用程序时第一次发生。那之后不会发生。
当前要获取认证对象集,用户必须“登录facebook”两次。第二次它实际上没有做任何登录,过滤器看起来像是在拾取cookie并进行身份验证,甚至不需要再去Facebook。
所以我的问题是为什么我需要通过两次过滤器?或者我怎样才能避免这种情况?
配置是这样的:
<bean id="authenticationEntryPoint" class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint">
<constructor-arg value="/login"/>
<property name="useForward" value="true"/>
</bean>
<bean class="com.gigi.web.SpringDataUserDetailsService" id="userService"/>
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider user-service-ref="userService"/>
<security:authentication-provider ref="socialAuthenticationProvider" />
</security:authentication-manager>
<bean class="org.springframework.social.security.SocialAuthenticationFilter" id="socialAuthenticationFilter">
<constructor-arg ref="authenticationManager" />
<constructor-arg ref="userIdSource" />
<constructor-arg ref="usersConnectionRepository" />
<constructor-arg ref="connectionRegistry" />
<property name="postLoginUrl" value="/home" />
<property name="defaultFailureUrl" value="/login?error&social" />
<property name="signupUrl" value="/user/signup" />
</bean>
<bean class="org.springframework.social.connect.web.ProviderSignInUtils">
<constructor-arg ref="connectionRegistry"/>
<constructor-arg ref="usersConnectionRepository"/>
</bean>
<bean id="userIdSource" class="org.springframework.social.security.AuthenticationNameUserIdSource" />
<bean id="socialAuthenticationProvider"
class="org.springframework.social.security.SocialAuthenticationProvider">
<constructor-arg ref="usersConnectionRepository" />
<constructor-arg ref="userService" />
</bean>
<bean id="userSocialConnectionService" class="com.gigi.web.UserSocialConnectionController"></bean>
<bean id="usersConnectionRepository" class="com.gigi.social.SpringDataUsersConnectionRepository">
<constructor-arg ref="connectionRegistry" />
</bean>
<bean id="connectionRegistry"
class="org.springframework.social.security.SocialAuthenticationServiceRegistry">
<property name="authenticationServices">
<list>
<bean class="org.springframework.social.facebook.security.FacebookAuthenticationService">
<constructor-arg value="${facebook.app.id}" />
<constructor-arg value="${facebook.app.secret}" />
<constructor-arg value="${facebook.app.namespace}" />
</bean>
</list>
</property>
</bean>