Custom Auth User in Spring

Question

I have a custom authentication implementation outside of Spring Security which I am in the process of integrating.

I am generating a Spring User as part of the auth process based on my existing User model.

Everything seems to be working fine except for the getAuthority function.

I have the below in my User model which implements UserDetails.

  @Override
    public Set<GrantedAuthority> getAuthorities() {
        Set<GrantedAuthority> authorities = new HashSet<GrantedAuthority>();
        authorities.add(new SimpleGrantedAuthority(this.role));
        return authorities;
    }

However, I am getting the below response.

"message": "A granted authority textual representation is required",

I believe I am missing the generation of correct ROLES in my DB. Currently private String role is "USER".

I think my question is this.

What is the correct format for my role field to allow this to work correctly and what is the best way to insert this role?

Answer 1

It depends.

If you are using Spring's default security configuration, a "ROLE_" prefix is needed. Usually, the basic values are: ROLE_USER and ROLE_ADMIN.

If not - check the custom configuration.

Related questions:

1. Custom security configuration.
2. Adding additional roles.