Announcement Announcement Module
Collapse
No announcement yet.
Chaining Authentication Providers Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Chaining Authentication Providers

    From reading the documentation, it seems like it should be possible to chain authentication providers like the following:

    Code:
        <bean id="authenticationManager" class="net.sf.acegisecurity.providers.ProviderManager">
            <property name="providers">
                <list>
                    <ref local="daoAuthenticationProvider"/>
                    <ref local="jaasAuthenticationProvider"/>
                </list>
            </property>
        </bean>
    However, the only way to authenticate a user against the "jaasAuthenticationProvider" is to comment out the "daoAuthenticationProvider". Any ideas why?

    Thanks,

    Matt

  • #2
    Not sure if this is your issue but what I did is to extend the first provider in the list and rather than throw an exception if it failed to authenticate, it simply returns null which will cause the provider manager to keep trying. See topic http://forum.springframework.org/vie...099&highlight=

    HTH

    Comment


    • #3
      Each AuthenticationProvider is designed to process a particular class of Authentication. To faciltiate the fact most AuthenticationProvider use UsernamePasswordAuthenticationToken, the "return null" option was added as mentioned earlier.

      I've added to my TODO list a solution. I think modifying DaoAuthenticationProvider to return null if a property is set is the simplest solution. A more elegant solution would be to have the failover logic of each provider declaratively configured in ProviderManager. If anyone beats me to this, please feel free to submit a patch to this forum or the acegisecurity-developer list.

      Comment

      Working...
      X