|
1 | 1 | /* |
2 | | - * Copyright 2012-2014 the original author or authors. |
| 2 | + * Copyright 2012-2015 the original author or authors. |
3 | 3 | * |
4 | 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
5 | 5 | * you may not use this file except in compliance with the License. |
|
32 | 32 | import org.springframework.context.annotation.Configuration; |
33 | 33 | import org.springframework.context.annotation.Primary; |
34 | 34 | import org.springframework.context.event.ContextRefreshedEvent; |
| 35 | +import org.springframework.core.Ordered; |
35 | 36 | import org.springframework.core.annotation.Order; |
36 | 37 | import org.springframework.security.authentication.AuthenticationEventPublisher; |
37 | 38 | import org.springframework.security.authentication.AuthenticationManager; |
|
40 | 41 | import org.springframework.security.config.annotation.ObjectPostProcessor; |
41 | 42 | import org.springframework.security.config.annotation.SecurityConfigurer; |
42 | 43 | import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; |
| 44 | +import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration; |
43 | 45 | import org.springframework.security.config.annotation.authentication.configurers.GlobalAuthenticationConfigurerAdapter; |
44 | | -import org.springframework.security.core.Authentication; |
45 | | -import org.springframework.security.core.AuthenticationException; |
46 | 46 | import org.springframework.stereotype.Component; |
47 | 47 |
|
48 | 48 | /** |
|
60 | 60 | @ConditionalOnBean(ObjectPostProcessor.class) |
61 | 61 | @ConditionalOnMissingBean({ AuthenticationManager.class }) |
62 | 62 | @Order(0) |
63 | | -public class AuthenticationManagerConfiguration extends |
64 | | - GlobalAuthenticationConfigurerAdapter { |
65 | | - |
66 | | - /* |
67 | | - * Yes, this class is a GlobalAuthenticationConfigurerAdapter, even though none of |
68 | | - * those methods are overridden: we want Spring Security to instantiate us early, so |
69 | | - * we can in turn force the SecurityPrequisites to be instantiated. This will prevent |
70 | | - * ordering issues between Spring Boot modules when they need to influence the default |
71 | | - * security configuration. |
72 | | - */ |
| 63 | +public class AuthenticationManagerConfiguration { |
73 | 64 |
|
74 | 65 | private static Log logger = LogFactory |
75 | 66 | .getLog(AuthenticationManagerConfiguration.class); |
76 | 67 |
|
77 | 68 | @Autowired |
78 | 69 | private List<SecurityPrequisite> dependencies; |
79 | 70 |
|
80 | | - @Autowired |
81 | | - private SecurityProperties security; |
82 | | - |
83 | | - @Autowired |
84 | | - private ObjectPostProcessor<Object> objectPostProcessor; |
85 | | - |
86 | 71 | @Bean |
87 | 72 | @Primary |
88 | | - public AuthenticationManager authenticationManager(AuthenticationManagerBuilder auth, |
89 | | - ApplicationContext context) throws Exception { |
90 | | - |
91 | | - if (isAuthenticationManagerAlreadyConfigured(context)) { |
92 | | - return new LazyAuthenticationManager(auth); |
93 | | - } |
94 | | - |
95 | | - /* |
96 | | - * This AuthenticationManagerBuilder is for the global AuthenticationManager |
97 | | - */ |
98 | | - BootDefaultingAuthenticationConfigurerAdapter configurer = new BootDefaultingAuthenticationConfigurerAdapter(); |
99 | | - configurer.configure(auth); |
100 | | - AuthenticationManager manager = configurer.getAuthenticationManagerBuilder() |
101 | | - .getOrBuild(); |
102 | | - configurer.configureParent(auth); |
103 | | - return manager; |
104 | | - |
| 73 | + public AuthenticationManager authenticationManager(AuthenticationConfiguration auth) |
| 74 | + throws Exception { |
| 75 | + return auth.getAuthenticationManager(); |
105 | 76 | } |
106 | 77 |
|
107 | | - private boolean isAuthenticationManagerAlreadyConfigured(ApplicationContext context) { |
108 | | - return context.getBeanNamesForType(GlobalAuthenticationConfigurerAdapter.class).length > 2; |
| 78 | + @Bean |
| 79 | + public static BootDefaultingAuthenticationConfigurerAdapter bootDefaultingAuthenticationConfigurerAdapter( |
| 80 | + SecurityProperties security, List<SecurityPrequisite> dependencies) { |
| 81 | + return new BootDefaultingAuthenticationConfigurerAdapter(security); |
109 | 82 | } |
110 | 83 |
|
111 | 84 | @Component |
@@ -152,64 +125,33 @@ public void onApplicationEvent(ContextRefreshedEvent event) { |
152 | 125 | * methods are invoked before configure, which cannot be guaranteed at this point.</li> |
153 | 126 | * </ul> |
154 | 127 | */ |
155 | | - private class BootDefaultingAuthenticationConfigurerAdapter { |
156 | | - |
157 | | - private AuthenticationManagerBuilder defaultAuth; |
158 | | - |
159 | | - private AuthenticationManager parent; |
160 | | - |
161 | | - public void configureParent(AuthenticationManagerBuilder auth) { |
162 | | - if (!auth.isConfigured() && this.parent != null) { |
163 | | - auth.parentAuthenticationManager(this.parent); |
164 | | - } |
165 | | - } |
| 128 | + @Order(Ordered.LOWEST_PRECEDENCE - 100) |
| 129 | + private static class BootDefaultingAuthenticationConfigurerAdapter extends |
| 130 | + GlobalAuthenticationConfigurerAdapter { |
| 131 | + private final SecurityProperties security; |
166 | 132 |
|
167 | | - public AuthenticationManagerBuilder getAuthenticationManagerBuilder() { |
168 | | - return this.defaultAuth; |
| 133 | + @Autowired |
| 134 | + public BootDefaultingAuthenticationConfigurerAdapter(SecurityProperties security) { |
| 135 | + this.security = security; |
169 | 136 | } |
170 | 137 |
|
171 | | - public void configure(AuthenticationManagerBuilder auth) throws Exception { |
| 138 | + @Override |
| 139 | + public void init(AuthenticationManagerBuilder auth) throws Exception { |
172 | 140 | if (auth.isConfigured()) { |
173 | | - this.defaultAuth = auth; |
174 | 141 | return; |
175 | 142 | } |
176 | 143 |
|
177 | | - User user = AuthenticationManagerConfiguration.this.security.getUser(); |
| 144 | + User user = this.security.getUser(); |
178 | 145 | if (user.isDefaultPassword()) { |
179 | 146 | logger.info("\n\nUsing default security password: " + user.getPassword() |
180 | 147 | + "\n\n"); |
181 | 148 | } |
182 | 149 |
|
183 | | - this.defaultAuth = new AuthenticationManagerBuilder( |
184 | | - AuthenticationManagerConfiguration.this.objectPostProcessor); |
185 | | - |
186 | 150 | Set<String> roles = new LinkedHashSet<String>(user.getRole()); |
187 | | - |
188 | | - this.parent = this.defaultAuth.inMemoryAuthentication() |
189 | | - .withUser(user.getName()).password(user.getPassword()) |
190 | | - .roles(roles.toArray(new String[roles.size()])).and().and().build(); |
191 | | - |
192 | | - // Defer actually setting the parent on the AuthenticationManagerBuilder |
193 | | - // because it makes it "configured" and we are only in the init() phase |
194 | | - // here. |
195 | | - |
| 151 | + auth.inMemoryAuthentication().withUser(user.getName()) |
| 152 | + .password(user.getPassword()) |
| 153 | + .roles(roles.toArray(new String[roles.size()])); |
196 | 154 | } |
197 | 155 | } |
198 | 156 |
|
199 | | - private static class LazyAuthenticationManager implements AuthenticationManager { |
200 | | - |
201 | | - private AuthenticationManagerBuilder builder; |
202 | | - |
203 | | - public LazyAuthenticationManager(AuthenticationManagerBuilder builder) { |
204 | | - this.builder = builder; |
205 | | - } |
206 | | - |
207 | | - @Override |
208 | | - public Authentication authenticate(Authentication authentication) |
209 | | - throws AuthenticationException { |
210 | | - return this.builder.getOrBuild().authenticate(authentication); |
211 | | - } |
212 | | - |
213 | | - } |
214 | | - |
215 | 157 | } |
0 commit comments