预期行为
如何替换默认的UsernamePasswordAuthenticationFilter。
上下文
spring安全版本:5.1.4
问题:
1。用户名和密码被加密并从前端传输到后端。前端RSA加密。后端身份验证首先需要解密。
2.UsernamePasswordAuthenticationFilter
// Can't find how to inject into security
UsernamePasswordAuthenticationFilter
protected String obtainPassword(HttpServletRequest request) {
return request.getParameter(passwordParameter);
}
protected String obtainUsername(HttpServletRequest request) {
return request.getParameter(usernameParameter);
}
3.FormLoginConfigurer FormLoginConfigurer是最终类,无法继承。
构造函数初始化UsernamePasswordAuthenticationFilter,无法更改代码
public FormLoginConfigurer() {
super(new UsernamePasswordAuthenticationFilter(), null);
usernameParameter("username");
passwordParameter("password");
}
4.HttpSecurity
public final class HttpSecurity {
public FormLoginConfigurer<HttpSecurity> formLogin() throws Exception {
return getOrApply(new FormLoginConfigurer<>());
}
}