Spring Security
  1. Spring Security
  2. SEC-1847

Allow use of custom AuthenticationManager in <http> and <global-method-security>

    Details

    • Type: New Feature New Feature
    • Status: Closed
    • Priority: Minor Minor
    • Resolution: Complete
    • Affects Version/s: None
    • Fix Version/s: 3.1.0
    • Component/s: Namespace
    • Labels:
      None

      Description

      Since it is now possible to have mutiple filter chains in the namespace, may be more convenient to use different AuthenticationManager configurations for each filter chain, or even to implement the AuthenticationManager interface and not have to deal with AuthentiationProvider implementations. It would make sense to provide a hook in the namespace elements to facilitate this.

        Activity

        Hide
        Agustin Lopez added a comment -

        Hi Luke,

        I saw that you fixed this recently. I downloaded and compiled the latest snapshot of Spring Security in order to use a different Authentication Manager for each http tag but as this is not documented I am not sure how should I handle this.

        Could you please explain a little about it?

        I currently have this:

        <!-- Realm for administrators -->
        <http pattern="/admin/**" auto-config="true" disable-url-rewriting="true" >
        <intercept-url pattern="/admin/**" access="ROLE_AGENCY" />
        <form-login login-page="/loginAdmins.htm" default-target-url="/" login-processing-url="/loginProcessing" authentication-failure-url="/loginAdmins.htm?error" />
        <logout invalidate-session="true" logout-success-url="/" logout-url="/logout" />
        </http>

        <!-- Realm for standard users -->
        <http auto-config="true" disable-url-rewriting="true">
        <intercept-url pattern="/user/**" access="ROLE_USER" />
        <form-login login-page="/login.htm" default-target-url="/" login-processing-url="/loginProcessing" authentication-failure-url="/login.htm?error" />
        <logout invalidate-session="true" logout-success-url="/" logout-url="/logout" />
        <remember-me key="*****" user-service-ref="userDetailsService" />
        </http>

        with a single:

        <!-- Auth Manager -->
        <authentication-manager alias="authenticationManager">
        <authentication-provider user-service-ref="userDetailsService" >
        <password-encoder ref="passwordEncoder"/>
        </authentication-provider>
        </authentication-manager>

        How can I create a new one and assign each of them to each http tag?

        Thank you very much in advance,
        Agustin

        Show
        Agustin Lopez added a comment - Hi Luke, I saw that you fixed this recently. I downloaded and compiled the latest snapshot of Spring Security in order to use a different Authentication Manager for each http tag but as this is not documented I am not sure how should I handle this. Could you please explain a little about it? I currently have this: <!-- Realm for administrators --> <http pattern="/admin/**" auto-config="true" disable-url-rewriting="true" > <intercept-url pattern="/admin/**" access="ROLE_AGENCY" /> <form-login login-page="/loginAdmins.htm" default-target-url="/" login-processing-url="/loginProcessing" authentication-failure-url="/loginAdmins.htm?error" /> <logout invalidate-session="true" logout-success-url="/" logout-url="/logout" /> </http> <!-- Realm for standard users --> <http auto-config="true" disable-url-rewriting="true"> <intercept-url pattern="/user/**" access="ROLE_USER" /> <form-login login-page="/login.htm" default-target-url="/" login-processing-url="/loginProcessing" authentication-failure-url="/login.htm?error" /> <logout invalidate-session="true" logout-success-url="/" logout-url="/logout" /> <remember-me key="*****" user-service-ref="userDetailsService" /> </http> with a single: <!-- Auth Manager --> <authentication-manager alias="authenticationManager"> <authentication-provider user-service-ref="userDetailsService" > <password-encoder ref="passwordEncoder"/> </authentication-provider> </authentication-manager> How can I create a new one and assign each of them to each http tag? Thank you very much in advance, Agustin
        Hide
        Bruno J. S. Peixoto added a comment -

        Hi All,

        I'm having a problem in configuring differents authentication managers to two http elements. If I try to configure authentication-manager-ref in http element, ocurr the follow exception: org.xml.sax.SAXParseException: cvc-complex-type.3.2.2: Attribute 'authentication-manager-ref' is not allowed to appear in element 'security:http'.

        In header of my security xml, I'm using http://www.springframework.org/schema/security/spring-security-3.1.xsd. If I put it in browser, the xsd loaded declare the attribute authentication-manager-ref to http element, but the xsd in spring-security-config-3.1.0.RC3.jar doesn't.

        Show
        Bruno J. S. Peixoto added a comment - Hi All, I'm having a problem in configuring differents authentication managers to two http elements. If I try to configure authentication-manager-ref in http element, ocurr the follow exception: org.xml.sax.SAXParseException: cvc-complex-type.3.2.2: Attribute 'authentication-manager-ref' is not allowed to appear in element 'security:http'. In header of my security xml, I'm using http://www.springframework.org/schema/security/spring-security-3.1.xsd . If I put it in browser, the xsd loaded declare the attribute authentication-manager-ref to http element, but the xsd in spring-security-config-3.1.0.RC3.jar doesn't.

          People

          • Assignee:
            Luke Taylor
            Reporter:
            Luke Taylor
          • Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: