Reputation: 36686
How to use two authentication providers in the same request with Spring Security?
I have two authentication providers configured in my application, one using LDAP and other looking in the database:
<sec:authentication-manager>
<sec:ldap-authentication-provider server-ref="ldapServer" />
<sec:authentication-provider user-service-ref="dbUserDetailsService" />
</sec:authentication-manager>
Spring tries to use LDAP first, and if it does not find the user there, it tries my custom provider.
What I want to do is force Spring to authenticate the user in all available providers. In this case, it will only try my custom provider if it can perform the login in the LDAP server first. If the authentication in the custom provider fails, the entire authentication fails.
Is it possible to achive this with Spring Security?
Upvotes: 0
Views: 474
Answers (1)
Reputation: 837
I think you can implement your own authentication provider, in which you inject two instances - one of LdapAuthenticationProvider and the other is DaoAuthenticationProvider. You will have to implement a method
public Authentication authenticate(Authentication authentication) throws AuthenticationException
where you can proxy authentication call at first to LdapAuthenticationProvider and if it is successful then you call DaoAuthenticationProvider.
Upvotes: 1
Related Questions
- How to provide multiple Authentication providers with java configuration of spring security
- Java Spring Security config - multiple authentication providers
- Multiple Authentication Providers in Spring Security
- How to provide multiple ways of authentication with Spring Security
- Multiple custom authentication with spring security
- Spring Security call another Authentication Provider even the first provider is failed
- Spring Security two authenticationSuccessHandler
- Spring Boot security - multiple authentication providers
- Spring security with multiple authentication providers - UsernameNotFoundException
- Spring Security - multiple authentication-providers