user2087103
Reputation: 161
Custom Authentication Provider on Spring Security 2 userDetailsService issue
I had Spring Security 2.0.5 on my webApp, using a default Provider. Now requirements have changed and I need a CustomAuthenticationProvider in order to change Authentication way.
This is my AuthenticationProvider
public class CustomAuthenticationProvider implements AuthenticationProvider {
@Autowired
private ParamsProperties paramsProperties;
@SuppressWarnings("unchecked")
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
//Check username and passwd
String user = (String) authentication.getPrincipal();
String pass = (String) authentication.getCredentials();
if(StringUtils.isBlank(user) || StringUtils.isBlank(pass) ){
throw new BadCredentialsException("Incorrect username/password");
}
//Create SSO
SingleSignOnService service = new SingleSignOnService(paramsProperties.getServicesServer());
try {
//Check logged
service.setUsername(authentication.getName());
service.setPassword(authentication.getCredentials().toString());
ClientResponse response = service.call();
String result = response.getEntity(String.class);
ObjectMapper mapper = new ObjectMapper();
Map<String,Object> map = mapper.readValue(result, new TypeReference<Map<String,Object>>() {} );
//Read code
String code = (String)map.get("code");
log.debug(" ** [Authenticate] Result: " + code );
for (String s : (List<String>)map.get( "messages" ) ) {
log.debug(" [Authenticate] Message: " + s );
}
if ( code.equals( "SESSION_CREATED" ) || code.equals( "SESSION_UPDATED" ) || code.equals( "SESSION_VERIFIED" ) ) {
UsernamePasswordAuthenticationToken tokenSSO = LoginHelper.getuserSringTokenFromAuthService(map);
return tokenSSO;
} else {
return null;
}
} catch (Exception e) {
e.printStackTrace();
throw new AuthenticationServiceException( e.getMessage() );
}
}
public boolean supports(Class authentication) {
return authentication.equals(UsernamePasswordAuthenticationToken.class);
}
And this is my security.xml
<http>
<form-login default-target-url ="/Login.html" always-use-default-target="true" login-page="/Login.html" login-processing-url="/j_spring_security_check"
authentication-failure-url="/Login.html" />
<http-basic />
<logout logout-success-url="/Login.html" />
</http>
<beans:bean id="myPasswordEncryptor"
class="com.mycomp.comunes.server.spring.core.MyPasswordEncoder" lazy-init="true">
<beans:constructor-arg>
<beans:bean class="org.jasypt.util.password.ConfigurablePasswordEncryptor" />
</beans:constructor-arg>
<beans:constructor-arg ref="paramsProperties" />
</beans:bean>
<beans:bean id="passwordEncoder"
class="org.jasypt.spring.security2.PasswordEncoder" lazy-init="true">
<beans:property name="passwordEncryptor">
<beans:ref bean="myPasswordEncryptor" />
</beans:property>
</beans:bean>
<beans:bean id="authenticationProvider"
class="com.mycomp.comunes.server.spring.manager.autenticacion.CustomAuthenticationProvider">
</beans:bean>
<authentication-provider user-service-ref='authenticationProvider'>
<password-encoder ref="passwordEncoder" />
</authentication-provider>
But when deploying, I get the following:
Caused by: java.lang.IllegalArgumentException: Cannot convert value of type [$Proxy112 implementing org.springframework.security.providers.AuthenticationProvider,org.springframework.aop.SpringProxy,org.springframework.aop.framework.Advised] to required type [org.springframework.security.userdetails.UserDetailsService] for property 'userDetailsService': no matching editors or conversion strategy found
Can anyone help?
Upvotes: 0
Views: 3727
Answers (1)
zagyi
Reputation: 17528
You refer to the authenticationProvider bean as a user service, which it is not.
<authentication-provider user-service-ref='authenticationProvider'>
With this old version of the framework, I can only guess that the way to use a custom auth provider is correctly described here.
Needless to say that it would be highly recommended to upgrade, if for nothing else, then just in order to get support easier.
Upvotes: 1
Related Questions
- Spring Security: Custom UserDetailsService not being called (using Auth0 authentication)
- Spring Security not using custom UserDetaisService
- Spring Security - UserDetailsService implementation - Login Fails
- Spring Boot: Configuring AuthenticationManager with custom UserDetailsService
- Spring Security authentication using UserDetailsService
- Not being able to provide custom authentication provider for the spring security
- Spring Security Java Config - custom AuthenticationProvider and UserDetailsService
- Spring Security Java Configuration - Dummy UserDetailsService not authenticating
- Spring Security - Custom authentication provider not called
- Spring Security 3.x: Creating a custom authentication provider without a UserDetailsService