CODEWITHSUNDEEP
javaspringauthenticationspring-securityrestful-authentication
Popcorn
Popcorn

Reputation: 5348

Why doesnt my Spring Security authentication work?

I have the following configuration placed in /src/main/java/com/dog/bootstrap:

@EnableWebSecurity
@Configuration
public class CustomWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter {
    @Override
    public void configure(AuthenticationManagerBuilder auth) throws Exception {
        System.out.println("hello");
        auth.inMemoryAuthentication()
            .withUser("user")
            .password("password")
            .roles("USER");
    }
}

and I am loading it as follows:

public class WebInitializer implements WebApplicationInitializer {
@Override
public void onStartup(ServletContext container) {
    // Create the dispatcher servlet's Spring application context
    AnnotationConfigWebApplicationContext dispatcherContext = new AnnotationConfigWebApplicationContext();
    dispatcherContext.scan("com.dog.bootstrap");

    // Manage the lifecycle of the root application context
    container.addListener(new ContextLoaderListener(dispatcherContext));

    // Register and map the dispatcher servlet
    ServletRegistration.Dynamic dispatcher =
            container.addServlet("dispatcher", new DispatcherServlet(dispatcherContext));
    dispatcher.setLoadOnStartup(1);

    Set<String> mappingConflicts = dispatcher.addMapping("/");
    if (!mappingConflicts.isEmpty()) {
        throw new IllegalStateException("'dispatcher' could not be mapped to '/' due " +
                "to an existing mapping.");
    }
}

My controller:

@Controller
public class DogController {
    @RequestMapping(value = {"/dog"}, method = RequestMethod.GET)
    @ResponseBody
    public String getSource(@PathVariable("domain") String domain) throws Exception {
        return "dogs";
    }
}

When I startup my app, I do see hello being printed, so configure(AuthenticationManagerBuilder auth) is being called. However, none of my endpoints are requiring me to enter a login page. When I go to localhost:8080/dog it outputs dogs without asking me to authenticate myself.

Upvotes: 2

Views: 332

Answers (1)

chrylis -cautiouslyoptimistic-
chrylis -cautiouslyoptimistic-

Reputation: 77187

You're not actually including the filter chain, as described in the last step of this guide. Try adding this default initializer, which maps to /*:

@Component public class SecurityWebApplicationInitializer 
    extends AbstractSecurityWebApplicationInitializer {
}

Upvotes: 2

Related Questions