Spring

 View Only

 How to pass a custom authenticationManagerBean to the BasicAuthenticationFilter

Thorsten Witt's profile image
Thorsten Witt posted Dec 04, 2018 01:14 PM

For the BasicAuthenticationFilter, I am trying to inject my own AuthenticationManager. But when I debug the Startup, I always find out that the Class BasicAuthenticationFilter.java is not using my AuthenticationManager.

 

How can I pass it into the BasicAuthenticationFilter ?

 

I am using SpringBoot 2.1.0 and Spring-Security-Oauth2 2.0.1

 

AuthConfig.java

@Configuration @EnableAuthorizationServer public class AuthorizationConfiguration extends AuthorizationServerConfigurerAdapter {   @Autowired private AuthenticationManager authenticationManager;   @Autowired @Qualifier("passwordEncoder") private PasswordEncoder passwordEncoder;   @Override public void configure(ClientDetailsServiceConfigurer clients) throws Exception { System.out.println(passwordEncoder.encode("SECRET")); clients .inMemory() .withClient("clientapp") .authorizedGrantTypes("client_credentials") .authorities("USER") .scopes("read", "write") .secret(passwordEncoder.encode("SECRET"));   }   @Override public void configure(AuthorizationServerSecurityConfigurer security) throws Exception { security.tokenKeyAccess("permitAll()"); }   @Override public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception { endpoints.authenticationManager(authenticationManager); } }

WebSecurityConfig.java

@Configuration @EnableWebSecurity public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter{   @Override @Bean(name = BeanIds.AUTHENTICATION_MANAGER) @Primary public AuthenticationManager authenticationManagerBean() throws Exception { return super.authenticationManager(); }     @Bean public PasswordEncoder passwordEncoder() { return new BCryptPasswordEncoder(16); }   @Override public void configure(WebSecurity web) throws Exception { web.ignoring() .antMatchers(ResourceConfiguration.TEST_PATHS); }   @Override protected void configure(AuthenticationManagerBuilder auth) throws Exception { DaoAuthenticationProvider daoAuth = new DaoAuthenticationProvider(); daoAuth.setPasswordEncoder(passwordEncoder()); auth.authenticationProvider(daoAuth); }

 

Daniel Mikusa's profile image
Daniel Mikusa

Can you take a step back and tell me what you're trying to achieve here? What do you want your security setup to look like? You mentioned basic auth to the user. Where are you trying to store user info?