Spring Security
  1. Spring Security
  2. SEC-1212

Document salt-source-ref in namespace appendix

    Details

    • Type: Task Task
    • Status: Closed
    • Priority: Minor Minor
    • Resolution: Fixed
    • Affects Version/s: 2.0.5
    • Fix Version/s: 3.0.0 RC1
    • Component/s: Docs and Website
    • Labels:
      None

      Description

      Trying to use password encryption with salts pretty much conflicts with namespace configuration as you can not declare a SaltSource at the authentication-provider element. This forces one to declare the DaoAthenticationProvider as standard Spring bean which is not picked up by an AuthenticationManager created via the namespace. Thus I the standard Spring bean configuration mode bubbles up again.

      As salting is a very common task to do in combination with encryption this should kick one out of the namespace config entirely.

        Activity

        Hide
        Luke Taylor added a comment -

        The use of password encoders, with or without a salt source is already supported in the namespace, as is the addition of a custom authentication provider defined as a Spring bean. Either option is available to you so there's no question of you being "kicked out" of using namespace configuration if you want to use salted passwords.

        Show
        Luke Taylor added a comment - The use of password encoders, with or without a salt source is already supported in the namespace, as is the addition of a custom authentication provider defined as a Spring bean. Either option is available to you so there's no question of you being "kicked out" of using namespace configuration if you want to use salted passwords.
        Hide
        Oliver Gierke added a comment -

        Thanks for the fast reply, Luke. I got it working after diving into the docs once again. Apparently the problem was that the configuration of salting is only contained in the "Getting Started" part (2.2.3.1). The namespace reference in the appendix is somewhat incomplete regarding the authentication-provider element. So maybe you can rebrand this ticket to either create a link to the section where usage of authentication-provider is explained or simply extend the reference for the element.

        Regards,
        Ollie

        Show
        Oliver Gierke added a comment - Thanks for the fast reply, Luke. I got it working after diving into the docs once again. Apparently the problem was that the configuration of salting is only contained in the "Getting Started" part (2.2.3.1). The namespace reference in the appendix is somewhat incomplete regarding the authentication-provider element. So maybe you can rebrand this ticket to either create a link to the section where usage of authentication-provider is explained or simply extend the reference for the element. Regards, Ollie
        Hide
        Luke Taylor added a comment -

        Version 3.0 will require an explicit declaration of the AuthenticationManager in the namespace, using the authentication-manager element, and the the providers will be listed in there (custom-authentication-provider will no longer be supported). See SEC-1196. This overcomes quite a few issues which have resulted as a result of having an internally registered AuthenticationManager. So there will need to be quite a few documentation changes on this front.

        Show
        Luke Taylor added a comment - Version 3.0 will require an explicit declaration of the AuthenticationManager in the namespace, using the authentication-manager element, and the the providers will be listed in there (custom-authentication-provider will no longer be supported). See SEC-1196 . This overcomes quite a few issues which have resulted as a result of having an internally registered AuthenticationManager. So there will need to be quite a few documentation changes on this front.

          People

          • Assignee:
            Luke Taylor
            Reporter:
            Oliver Gierke
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: