
java - Upgrading from Spring Framework 5 to 6 (Spring Security 5.7.2 to 6.3.4) - Stack Overflow


I'm currently migrating my application to Spring Framework 6, which required updating the javax namespace to jakarta. While most components seem to be working, I’m facing an issue specifically with the authentication configuration and can’t pinpoint the cause.

Details: security.xml configuration:

<security:http authentication-manager-ref="authenticationManager" entry-point-ref="processingFilterEntryPoint" use-expressions="true">
    <security:intercept-url pattern="/msui_login**" access="isAnonymous()" />
    <security:intercept-url pattern="/**" access="isAuthenticated()" />
    <security:custom-filter ref="processingFilter" after="LOGOUT_FILTER" />
    <security:logout success-handler-ref="logoutSuccessHandler" />
    <security:csrf disabled="true" /> 
    <security:headers>
        <security:frame-options policy="SAMEORIGIN" />
    </security:headers>
</security:http>

<bean id="authenticationManager" class="org.springframework.security.authentication.ProviderManager">
    <constructor-arg>
        <list>
            <ref bean="authenticationProvider" />
        </list>
    </constructor-arg>
</bean>

I've verified that authenticationProvider is returning the correct Authentication object. However, for the pattern /**, when it checks isAuthenticated, control is being redirected to processingFilterEntryPoint instead. This suggests that Spring Security might not be handling the Authentication object as expected. Could there have been any changes in Spring Security 6.x affecting this behavior? Any insights or troubleshooting tips would be greatly appreciated.

Environment:

Spring Framework: 6.1.x
Spring Security: 6.3.x
Tomcat: 10.1.x