Spring Security Source Code -- 验证标准流程

除了初始阶段:

主干验证流程链:

MyInvocationSecurityMetadataSource.getAttributes(Object) line: 43

MyFilterSecurityInterceptor(AbstractSecurityInterceptor).beforeInvocation(Object) line: 172

MyFilterSecurityInterceptor.invoke(FilterInvocation) line: 49

MyFilterSecurityInterceptor.doFilter(ServletRequest, ServletResponse, FilterChain) line: 45

FilterChainProxy$VirtualFilterChain.doFilter(ServletRequest, ServletResponse) line: 381

ExceptionTranslationFilter.doFilter(ServletRequest, ServletResponse, FilterChain) line: 97

FilterChainProxy$VirtualFilterChain.doFilter(ServletRequest, ServletResponse) line: 381

SessionManagementFilter.doFilter(ServletRequest, ServletResponse, FilterChain) line: 100

FilterChainProxy$VirtualFilterChain.doFilter(ServletRequest, ServletResponse) line: 381

AnonymousAuthenticationFilter.doFilter(ServletRequest, ServletResponse, FilterChain) line: 78

FilterChainProxy$VirtualFilterChain.doFilter(ServletRequest, ServletResponse) line: 381

SecurityContextHolderAwareRequestFilter.doFilter(ServletRequest, ServletResponse, FilterChain) line: 54

FilterChainProxy$VirtualFilterChain.doFilter(ServletRequest, ServletResponse) line: 381

RequestCacheAwareFilter.doFilter(ServletRequest, ServletResponse, FilterChain) line: 35

FilterChainProxy$VirtualFilterChain.doFilter(ServletRequest, ServletResponse) line: 381

BasicAuthenticationFilter.doFilter(ServletRequest, ServletResponse, FilterChain) line: 177

FilterChainProxy$VirtualFilterChain.doFilter(ServletRequest, ServletResponse) line: 381

DefaultLoginPageGeneratingFilter.doFilter(ServletRequest, ServletResponse, FilterChain) line: 91

FilterChainProxy$VirtualFilterChain.doFilter(ServletRequest, ServletResponse) line: 381

UsernamePasswordAuthenticationFilter(AbstractAuthenticationProcessingFilter).doFilter(ServletRequest, ServletResponse, FilterChain) line: 187

FilterChainProxy$VirtualFilterChain.doFilter(ServletRequest, ServletResponse) line: 381

LogoutFilter.doFilter(ServletRequest, ServletResponse, FilterChain) line: 105

FilterChainProxy$VirtualFilterChain.doFilter(ServletRequest, ServletResponse) line: 381

SecurityContextPersistenceFilter.doFilter(ServletRequest, ServletResponse, FilterChain) line: 79

FilterChainProxy$VirtualFilterChain.doFilter(ServletRequest, ServletResponse) line: 381

ConcurrentSessionFilter.doFilter(ServletRequest, ServletResponse, FilterChain) line: 109

FilterChainProxy$VirtualFilterChain.doFilter(ServletRequest, ServletResponse) line: 381

FilterChainProxy.doFilter(ServletRequest, ServletResponse, FilterChain) line: 168

DelegatingFilterProxy.invokeDelegate(Filter, ServletRequest, ServletResponse, FilterChain) line: 237

DelegatingFilterProxy.doFilter(ServletRequest, ServletResponse, FilterChain) line: 167

ApplicationFilterChain.internalDoFilter(ServletRequest, ServletResponse) line: 241

ApplicationFilterChain.doFilter(ServletRequest, ServletResponse) line: 208

StandardWrapperValve.invoke(Request, Response) line: 220

StandardContextValve.invoke(Request, Response) line: 122

NonLoginAuthenticator(AuthenticatorBase).invoke(Request, Response) line: 501

StandardHostValve.invoke(Request, Response) line: 171

ErrorReportValve.invoke(Request, Response) line: 103

AccessLogValve.invoke(Request, Response) line: 950

StandardEngineValve.invoke(Request, Response) line: 116

CoyoteAdapter.service(Request, Response) line: 408

Http11Processor(AbstractHttp11Processor<S>).process(SocketWrapper<S>) line: 1070

Http11Protocol$Http11ConnectionHandler(AbstractProtocol$AbstractConnectionHandler<S,P>).process(SocketWrapper<S>, SocketStatus) line: 611

JIoEndpoint$SocketProcessor.run() line: 314

ThreadPoolExecutor(ThreadPoolExecutor).runWorker(ThreadPoolExecutor$Worker) line: 1145

ThreadPoolExecutor$Worker.run() line: 615

TaskThread$WrappingRunnable.run() line: 61

TaskThread(Thread).run() line: 745

时间: 2024-10-12 09:45:42

Spring Security Source Code -- 验证标准流程的相关文章

Spring Security 自定义登录验证与自定义回调地址

1 配置文件 security-ns.xml <?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:security="http://www

springboot+spring security +oauth2.0 demo搭建(password模式)(认证授权端与资源服务端分离的形式)

项目security_simple(认证授权项目) 1.新建springboot项目 这儿选择springboot版本我选择的是2.0.6 点击finish后完成项目的创建 2.引入maven依赖  下面是我引入的依赖 1 <?xml version="1.0" encoding="UTF-8"?> 2 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi=&q

Spring Security(三十一):9.6 Localization(本地化)

Spring Security supports localization of exception messages that end users are likely to see. If your application is designed for English-speaking users, you don't need to do anything as by default all Security messages are in English. If you need to

Java Web系列:Spring Security 基础

Spring Security虽然比JAAS进步很大,但还是先天不足,达不到ASP.NET中的认证和授权的方便快捷.这里演示登录.注销.记住我的常规功能,认证上自定义提供程序避免对数据库的依赖,授权上自定义提供程序消除从缓存加载角色信息造成的角色变更无效副作用. 1.基于java config的Spring Security基础配置 (1)使用AbstractSecurityWebApplicationInitializer集成到Spring MVC 1 public class Securit

Spring Security 3 (三) 用户数据存放于数据库

上章回顾: 上一章中,我们将用户名.密码以及用户对应的角色都配置于applicationContext-security.xml中,基本实现了我们能控制用户的访问权限.但是在现实开发中,我们不可能将用户信息硬编码在配置文件中,通常我们都是存放到数据中.同时我们应该对用户的密码进行加密存储. 目标: 1.将用户信息存放于数据库 2.对用户的密码进行加密 详细操作: 1.其他代码参考上一章中代码.本章中,首先我们要创建一张数据表来记录我们的用户信息.SpringSecurity提供的验证机制中,首先

第一章 Spring Security是什么?

1. 介绍 1.1 Spring Security是什么? Spring Security是一个强大的和高度可定制的身份验证和访问控制框架. 它是保证基于spring的应用程序安全的实际标准. 1.2 Spring Security 的一些能实现的具体的一些功能特性 HTTP基本身份验证header(IETF RFC-based标准) HTTP摘要式身份验证头(IETF RFC-based标准) HTTP X. 509客户端证书交换(IETF RFC-based标准) LDAP(一种很常见的方法

Spring Security身份认证之HelloSpringSecurity

在上一篇文档中,对Spring Security中的身份认证的流程和管理进行了详细介绍,本文将从实践的角度告诉大家如何使用最简便的方式用Spring Security进行身份验证. 开发环境如下: JDK 1.7 Tomcat 7 Eclipse Spring Security 3.2.5 项目目录结构如下: 1.新建Maven Project,对Maven不熟悉的童鞋请自行充电,现在这个念头不学习Maven绝对是不行的. 2. 在Pom.xml添加相关jar依赖. <project xmlns

Spring Security身份认证之HelloSpringSecurity(附源码)

在上一篇文档中,对Spring Security中的身份认证的流程和管理进行了详细介绍,本文将从实践的角度告诉大家如何使用最简便的方式用Spring Security进行身份验证. 开发环境如下: JDK 1.7 Tomcat 7 Eclipse Spring Security 3.2.5 项目目录结构如下: 1.新建Maven Project,对Maven不熟悉的童鞋请自行充电,现在这个念头不学习Maven绝对是不行的. 2. 在Pom.xml添加相关jar依赖. <project xmlns

Spring Security 快速了解

在Spring Security之前 我曾经使用 Interceptor 实现了一个简单网站Demo的登录拦截和Session处理工作,虽然能够实现相应的功能,但是无疑Spring Security提供的配置方法更加简单明确,能够更好的保护Web应用. Spring Security的相关结构 这里大家可以参考Spring Security的官方介绍文档:spring-security-architecture 简单的来说: Spring Security是一个单一的Filter,其具体的类型是