Announcement Announcement Module
No announcement yet.
authentication-manager: "id" vs "alias" Page Title Module
Move Remove Collapse
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • authentication-manager: "id" vs "alias"


    I'm a bit new to Spring Security... maybe someone can explain the difference between "id" and "alias" when defining my authentication-manager(s)? i saw both usages in the samples, including ref-ing these two, without understanding the diff between them


  • #2
    It is the same, but the alias existed before the id. The id was created for a consistent experience. Also see the Namespace Appendix documentation on [email protected]


    • #3
      Thanks, Rob!


      • #4
        While working with oAuth, i need to define 2 authentication providers. In their samples, I saw that one is defined with "id", and the other one with "alias".
        As I understood from Rob and from the documentation, the "id" is similar to the "alias". So i've tried to define both authentication-managers with an "id" (different id for each one, of course...).

            <security:authentication-manager id="clientAuthenticationManager">
                <security:authentication-provider user-service-ref="clientDetailsUserService" />
        and in this one i changed to "id" instead of "alias":

        	<security:authentication-manager id="authenticationManager">
        		<security:authentication-provider user-service-ref="userDetailsService" />
        I got a runtime error,
        ...Caused by: org.springframework.beans.factory.NoSuchBeanDefini tionException: No bean named 'org.springframework
        .security.authenticationManager' is defined.

        Can you explain why? can't I have 2 different authentication-managers defined with an "id"? when I change the "id" back to "alias" - it is working ...

        Please advise,


        • #5
          I suppose I should elaborate. Internally, Spring Security uses the id org.springframework
          .security.authenticationManager by default. The id will override the default identifier. Spring Security OAuth is requiring the default identifier so when it is overridden it complains. The alias is a way to provide an alias to that identifier, so it will not override the default id. Since the default id is an internal implementation detail (see javadoc on BeanIds), this is effectively the same as changing the id.