AbstractAuthenticationProcessingFilter.class
private void doFilter(HttpServletRequest request, HttpServletResponse response, FilterChain chain){
// 是否需要认证
if (!this.requiresAuthentication(request, response)) {
chain.doFilter(request, response);
} else {
try {
// 调用子类UsernamePasswordAuthenticationFilter中的attemptAuthentication方法
Authentication authenticationResult = this.attemptAuthentication(request, response);
// 认证失败, 拐弯回去
if (authenticationResult == null) {
return;
}
// 成功认证后
// 调用本类中的successfulAuthentication
this.successfulAuthentication(request, response, chain, authenticationResult);
} catch (InternalAuthenticationServiceException var5) {
this.logger.error("An internal error occurred while trying to authenticate the user.", var5);
this.unsuccessfulAuthentication(request, response, var5);
} catch (AuthenticationException var6) {
this.unsuccessfulAuthentication(request, response, var6);
}
}
}
protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response, FilterChain chain, Authentication authResult){
// 类似于cookie,session
// 保存当前访问者的信息
SecurityContextHolder.getContext().setAuthentication(authResult);
if (this.logger.isDebugEnabled()) {
this.logger.debug(LogMessage.format("Set SecurityContextHolder to %s", authResult));
}
this.rememberMeServices.loginSuccess(request, response, authResult);
if (this.eventPublisher != null) {
this.eventPublisher.publishEvent(new InteractiveAuthenticationSuccessEvent(authResult, this.getClass()));
}
this.successHandler.onAuthenticationSuccess(request, response, authResult);
}