configureGlobal on @SpringBootApplication fails

[rwinch]

The following fails:

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;

@SpringBootApplication
public class HelloWebSecurityApplication {

    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth)
            throws Exception {
        // @formatter:off
        auth
            .inMemoryAuthentication()
                .withUser("user").password("password").roles("USER");
        // @formatter:on
    }

    public static void main(String[] args) {
        SpringApplication.run(HelloWebSecurityApplication.class, args);
    }
}

We should allow Spring Security's Global Authentication to be configured from any class annotated with @EnableGlobalAuthentication, @EnableAutoConfiguration, or @SpringBootApplication. This can be done by adding the following:

@Configuration
@ConditionalOnClass(GlobalAuthenticationConfigurerAdapter.class)
public class BootGlobalAuthenticationConfiguration {

    @Bean
    public static BootGlobalAuthenticationConfigurationAdapter bootGlobalAuthenticationConfigurationAdapter(ApplicationContext context) {
        return new BootGlobalAuthenticationConfigurationAdapter(context);
    }

    private static class BootGlobalAuthenticationConfigurationAdapter extends GlobalAuthenticationConfigurerAdapter {
        private final ApplicationContext context;
        private static final Log logger = LogFactory.getLog(BootGlobalAuthenticationConfiguration.class);

        public BootGlobalAuthenticationConfigurationAdapter(ApplicationContext context) {
            this.context = context;
        }

        @Override
        public void init(AuthenticationManagerBuilder auth) {
            Map<String, Object> beansWithAnnotation = context.getBeansWithAnnotation(EnableAutoConfiguration.class);
            if(logger.isDebugEnabled()) {
                logger.debug("Eagerly initializing " + beansWithAnnotation);
            }
        }
    }
}

[rwinch]

See #2475

[dsyer]

I didn't see the 1.1.11 milestone on this. Is it a change we want/need in 1.1?

[rwinch]

Yes I view this as a bug (this use to work). Issues like this are also one of the most frequent issues I see when dealing with Spring Security and Boot.

[wilkinsona]

@rwinch I've backported this to 1.1.x. For future reference, if you have a pull request that you'd like to be included in a maintenance branch, please open the PR against that branch rather than master as we prefer to merge things forwards into master rather than cherry picking them backwards. If you're interested, the rationale for this approach is in the wiki.

[rwinch]

Thanks for back porting this into 1.1.x @wilkinsona

Also thanks for the information. I will keep that in mind in the future.

Thanks again!