Spring Security
  1. Spring Security
  2. SEC-1486 Generify AuthenticationDetailsSource
  3. SEC-1537

Remove use of reflection in AuthenticationDetailsSource implementations

    Details

    • Type: Sub-task Sub-task
    • Status: Closed
    • Priority: Minor Minor
    • Resolution: Complete
    • Affects Version/s: None
    • Fix Version/s: 3.1.0.M1
    • Component/s: Core, Web
    • Labels:
      None

      Description

      Writing a custom AuthenticationDetailsSource is trivial if the use of a custom object is desired. The current approach of allowing the injection of a class type and then searching for a constructor which takes a single argument of the context type (e.g. HttpServletRequest in web applications) is unnecessarily complicated, offers no type safety and doesn't really offer any gains over implementing AuthenticationDetailsSource directly.

        Activity

        Hide
        Luke Taylor added a comment -

        Removed in WebAuthenticationDetailsSource which now returns a plain WebAuthenticationDetails. Implement AuthenticationDetailsSource directly and inject that if an alternative is required.

        Show
        Luke Taylor added a comment - Removed in WebAuthenticationDetailsSource which now returns a plain WebAuthenticationDetails. Implement AuthenticationDetailsSource directly and inject that if an alternative is required.

          People

          • Assignee:
            Luke Taylor
            Reporter:
            Luke Taylor
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: