Announcement Announcement Module
No announcement yet.
No namespace config with custom authentication manager? Page Title Module
Move Remove Collapse
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • No namespace config with custom authentication manager?

    We use spring security in an OSGi environment and want to publish the authentication manager as an OSGi service in one bundle so that other bundles (e.g. the web bundle) can consume and use this service. This unfortunately is not possible with namespace configuration, because it always tries to create its own authentication manager with the id "org.springframework.authenticationManager". When the imported OSGi service is called "org.springframework.authenticationManager", the namespace configuration tries to call Methods of the ProviderManager class on this osgi-Service. This fails because the service is an AuthenticationManager and not a ProviderManager as it would be when created by the namespace config itself.

    The doc says:
    You can't use a custom AuthenticationManager if you are using either HTTP or method security through the namespace, but this should not be a problem as you have full control over the AuthenticationProviders that are used.
    Is there any compelling reason, why an external authentication manager should not be usable also with namespace configuration? Other spring frameworks e.g. simply do not create a bean if there already exists one with the same id (in this case e.g. "authenticationManager"). It's also strange that the namespace config calls methods of the ProviderManager class directly if a bean with the same Id exists, although this bean is meant to be an AuthenticationManager and not a ProviderManager. Why are those methods not in the AuthenticationManager interface? Or why is there no interface for ProviderManager that i.e. could be exposed by OSGi?

    Possible solutions:
    • Allow existing authenticationManager beans to be plugged into namespace configuration
    • Extract an interface for ProviderManager that could be published as an OSGi service and used in the namespace configuration

    Best regards,