Announcement Announcement Module
Collapse
No announcement yet.
Load AuthenticationProvider based on property value Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Load AuthenticationProvider based on property value

    Hello, I'm new to Spring and I've been referencing the Greenhouse application to get myself started. I really like the annotation based configuration method used in favor of xml and I'd like to continue it throughout. I know that Spring Security is "best configured via xml", but I was wondering if something like this was possible...

    I want to check an environment property and load either an ldap or database-based AuthenticationProvider based on the value. I've mocked up the following code, but I'm running into an issue with the fact that the AuthenticationManager is hard-coded to load a bean with the name "org.springframework.security.authenticationManage r" and throws an exception if it can't find it (ignoring my own)... -_-.

    Is it possible to override this behavior by naming my bean to match or by some other method? I'm not understanding how to set up authentication-manager-ref and if it will even help me here.

    Code:
    	@Configuration
    	@Profile("embedded")
    	static class Embedded {	
    		
    		@Inject
    		private Environment environment;
    		
    		@Inject
    		private AccountRepository accountRepository;			
    
    		@Bean
    		public AuthenticationManager authenticationManager() {
    			List<AuthenticationProvider> authenticationProviders = new ArrayList<AuthenticationProvider>();
    			
    			if(isLdapEnabled()) {
    				authenticationProviders.add(ldapAuthenticationProvider());
    			}
    			authenticationProviders.add(standardAuthenticationProvider());
    						
    			return new ProviderManager(authenticationProviders);
    		}
    		
    		@Bean
    		public AuthenticationProvider standardAuthenticationProvider() {
    			return new UsernamePasswordAuthenticationProvider(accountRepository);
    		}
    		
    		@Bean
    		public AuthenticationProvider ldapAuthenticationProvider() {
    			return new CustomLdapAuthenticationProvider(ldapAuthenticator(), accountRepository);
    		}
    		
    		@Bean
    		public LdapAuthenticator ldapAuthenticator() {
    			LdapAuthenticator la = new PasswordComparisonAuthenticator(contextSource());
    			((AbstractLdapAuthenticator) la).setUserDnPatterns(new String[] {"sAMAccountName={0}"});
    			return la;
    		}
    		
    		@Bean
    		public BaseLdapPathContextSource contextSource() {
    			BaseLdapPathContextSource cs = new DefaultSpringSecurityContextSource(
    					"ldap://myldapserver");
    			((AbstractContextSource) cs).setUserDn("myuserdn");
    			((AbstractContextSource) cs).setPassword("mypass");
    			return cs;
    		}
    		
    		@Bean
    		public PasswordEncoder passwordEncoder() {
    			return new StandardPasswordEncoder("rando");
    		}
    
    		@Bean
    		public TextEncryptor textEncryptor() {
    			return Encryptors.noOpText();
    		}	
    		
    		// helpers
    		
    		private boolean isLdapEnabled() {
    			return Boolean.parseBoolean(environment.getProperty("security.ldap.isEnabled"));
    		}
    
    	}
    Caused by: org.springframework.beans.factory.NoSuchBeanDefini tionException: No bean named 'org.springframework.security.authenticationManage r' is defined: Did you forget to add a gobal <authentication-manager> element to your configuration (with child <authentication-provider> elements)? Alternatively you can use the authentication-manager-ref attribute on your <http> and <global-method-security> elements.
    at org.springframework.security.config.authentication .AuthenticationManagerFactoryBean.getObject(Authen ticationManagerFactoryBean.java:31)
    at org.springframework.security.config.authentication .AuthenticationManagerFactoryBean.getObject(Authen ticationManagerFactoryBean.java:20)
    at org.springframework.beans.factory.support.FactoryB eanRegistrySupport.doGetObjectFromFactoryBean(Fact oryBeanRegistrySupport.java:142)
    ... 68 more

  • #2
    I believe I spoke too soon. I think I've got it figured out:

    <http use-expressions="true" authentication-manager-ref="myAuthenticationManager">

    appears to have done the trick

    Comment

    Working...
    X