Spring Security
  1. Spring Security
  2. SEC-1029

Namespace configured beans cannot be used for autowiring

    Details

    • Type: Improvement Improvement
    • Status: Closed
    • Priority: Minor Minor
    • Resolution: Won't Fix
    • Affects Version/s: 2.0.4
    • Fix Version/s: 3.0.0 M1
    • Component/s: Namespace
    • Labels:
      None
    • Environment:
      Java 6u7

      Description

      Many namespace configurable elements lack "alias" property. Better than to add aliases to everything would be publish all beans as normal beans available for autowiring.

      For example:

      There's no way to "recover" <sec:salt-source ...> in the example below:

      <beans ......>
      <sec:authentication-provider user-service-ref="myOwnUserManagementService">
      <sec:password-encoder ref="passwordEncoder">
      <sec:salt-source user-property="username"/>
      </sec:password-encoder>
      </sec:authentication-provider>
      </beans>

      Otherwise it would be great if userManagementServices would be automatically proxied to get encoded passwords to changePassword(...) method, currently it is very difficult to provide custom userManagementService that encodes passwords the same way as authentication service encodes those.

        Activity

        Hide
        Luke Taylor added a comment -

        This isn't a bug. The namespace is intended to provide a simplified configuration syntax for users who do not need the flexibility of configuring the beans directly. Thus it deliberately hides bean implementations (except in a few specific cases). You have other customisation options such as using traditional bean configurations for the AuthenticationProvider and linking this into the namespace.

        Show
        Luke Taylor added a comment - This isn't a bug. The namespace is intended to provide a simplified configuration syntax for users who do not need the flexibility of configuring the beans directly. Thus it deliberately hides bean implementations (except in a few specific cases). You have other customisation options such as using traditional bean configurations for the AuthenticationProvider and linking this into the namespace.

          People

          • Assignee:
            Luke Taylor
            Reporter:
            Joonas Koivunen
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: