Spring Security
  1. Spring Security
  2. SEC-1195

Change <http> parsing behaviour to use an internal AuthenticationManager instance

    Details

    • Type: Improvement Improvement
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 2.0.4, 3.0.0 M1
    • Fix Version/s: 3.0.0 M2
    • Component/s: Namespace
    • Labels:
      None

      Description

      One of the complexities with parsing the namespace is that it is necessary to render the authentication providers created by the <http> block with the single AuthenticationManager instance that is used. This makes it difficult to satisfy requests like that in SEC-1095, which wish to use a separately defined AuthenticationManager from a parent context. It also makes it difficult to allow multiple <http> blocks, which we are moving towards as an option by removing the use of globally unique bean names for filters etc.

      It should be possible for all the beans registered by the <http> block to use an internal AuthenticationManager instance which ultimately delegates to the "parent" instance which contains the real providers which the user registers. One way to achieve this would be by introducing the concept of a parent in ProviderManager. The internal instance would also probably be responsible for concurrent session checking.

        Issue Links

          Activity

          Hide
          Luke Taylor added a comment -

          ProviderManager now has the option of being configured with a parent AuthenticationManager, and the <http> block configures its own ProviderManager reference with a reference to the main one as the parent.

          Show
          Luke Taylor added a comment - ProviderManager now has the option of being configured with a parent AuthenticationManager, and the <http> block configures its own ProviderManager reference with a reference to the main one as the parent.

            People

            • Assignee:
              Luke Taylor
              Reporter:
              Luke Taylor
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: