Menu
I've set a custom authentication provider:
@Configuration
@EnableWebSecurity
@EnableGlobalAuthentication
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
@Qualifier("samlAuthenticationProvider")
SAMLAuthenticationProvider samlAuthenticationProvider;
@Override
protected void configure(HttpSecurity http) throws Exception {
/**
* Do your stuff here
*/
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.authenticationProvider(samlAuthenticationProvider);
}
}
Now, I'd like to set also an alias for the authentication-manager, then I'd like to autowire it in another bean definition.
Eg:
<!-- Register authentication manager with SAML provider -->
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider
ref="samlAuthenticationProvider" />
</security:authentication-manager>
<!-- Processing filter for WebSSO Holder-of-Key profile -->
<bean id="samlWebSSOHoKProcessingFilter"
class="org.springframework.security.saml.SAMLWebSSOHoKProcessingFilter">
<property name="authenticationManager" ref="authenticationManager" />
<property name="authenticationSuccessHandler" ref="successRedirectHandler" />
</bean>
Is there a way to do that only in Java Config?
639
I'm not well with new Security Java Configuration, but here is what I see from source code:
@Import(AuthenticationConfiguration.class)
public @interface EnableGlobalAuthentication {}
This annotation imports AuthenticationConfiguration who is @Configuration as well. Any @Configuration is registered as bean, too. So, you can do like this from WebSecurityConfigurerAdapter:
@Autowired
public void setAuthenticationConfiguration(AuthenticationConfiguration authenticationConfiguration) {
this.authenticationConfiguration = authenticationConfiguration;
}
And get access to the AuthenticationManager:
this.authenticationConfiguration.getAuthenticationManager();
From xml perspective you can use SpEL to get access to that authenticationManager:
<property name="authenticationManager" value="#{authenticationConfiguration.authenticationManager}" />
Sorry, I don't see the point, where AuthenticationManager is registered as a bean. From here you can't configure an alias for him.
UPDATE
BTW, if you are going to @Autowired the AuthenticationManager to some other component, the @Value come to the resque:
@Value("#{authenticationConfiguration.authenticationManager}")
private AuthenticationManager authenticationManager;
UPDATE2
Found it WebSecurityConfigurerAdapter. The source code and JavaDocs:
/**
* Override this method to expose the {@link AuthenticationManager} from
* {@link #configure(AuthenticationManagerBuilder)} to be exposed as
* a Bean. For example:
*
* <pre>
* @Bean(name name="myAuthenticationManager")
* @Override
* public AuthenticationManager authenticationManagerBean() throws Exception {
* return super.authenticationManagerBean();
* }
* </pre>
*
* @return the {@link AuthenticationManager}
* @throws Exception
*/
public AuthenticationManager authenticationManagerBean() throws Exception {
return new AuthenticationManagerDelegator(authenticationBuilder);
}
UPDATE3
How tou get access to the existing AuthenticationManager from custom WebSecurityConfigurerAdapterand configure SAMLWebSSOHoKProcessingFilter?
@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Bean
public SAMLWebSSOHoKProcessingFilter samlFilter() {
SAMLWebSSOHoKProcessingFilter samlFilter = new SAMLWebSSOHoKProcessingFilter();
samlFilter.setAuthenticationManage(authenticationManager());
.......
return samlFilter;
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.addFilter(samlFilter());
}
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
