CODEWITHSUNDEEP
springspring-mvcspring-security
user1595858
user1595858

Reputation: 3878

How to convert spring security xml configuration to java configuration?

I'm trying to convert the below xml to java configuration, but confused with alias argument in the sec:authentication-manager tag. I have worked on the partial part of java configuration and will appreciate if someone can help me with rest of configuration.

Xml Configuration

<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:sec="http://www.springframework.org/schema/security"

       xsi:schemaLocation="http://www.springframework.org/schema/beans
                      http://www.springframework.org/schema/beans/spring-beans.xsd
                      http://www.springframework.org/schema/security
                      http://www.springframework.org/schema/security/spring-security.xsd">

    <bean id="passwordEncoder" class="org.springframework.security.crypto.password.StandardPasswordEncoder"/>

    <sec:authentication-manager alias="userAuthenticationManager">
        <sec:authentication-provider user-service-ref="userService">
            <sec:password-encoder ref="passwordEncoder"/>
        </sec:authentication-provider>
    </sec:authentication-manager>

    <sec:authentication-manager id="clientAuthenticationManager" xmlns="http://www.springframework.org/schema/security">
        <sec:authentication-provider user-service-ref="client-details-user-service"/>
    </sec:authentication-manager>


    <bean id="client-details-user-service" class="org.springframework.security.oauth2.provider.client.ClientDetailsUserDetailsService">
        <constructor-arg ref="client-details-service" />
    </bean>

</beans>

Converted partial

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter{

    @Autowired
    private ClientDetailsService clientDetailsService;

    @Autowired
    private UserRepository userRepository;

    @Autowired
    private Validator validator;

    @Autowired
    private PasswordEncoder passwordEncoder;

    @Override
    protected AuthenticationManager authenticationManager() throws Exception {
        // TODO Auto-generated method stub
        return super.authenticationManager();
    }
    @Override
    protected void configure(AuthenticationManagerBuilder auth)
            throws Exception {
        auth.userDetailsService(userDetailsService());
    }


       @Bean
        public UserDetailsService userDetailsService() {
            return new UserServiceImpl(userRepository, validator, passwordEncoder);
        } 



}

Upvotes: 2

Views: 5909

Answers (2)

Serge Ballesta
Serge Ballesta

Reputation: 148870

Java config can do the same as namespace configuration in XML.

I would advice you to follow the following rules in you @Configuration class:

  • all that is declared with <bean ...> in xml should be a @Bean in java config
  • all beans that are defined elsewhere and used in this xml should be @Autowired

As you have 2 different authentication managers in xml, you should create them explicitely in Java config, because the other question refered by @ManuZi shows that instantiation of springSecurityFilterChain fails if you try to configure 2 different AuthenticationManager through a basic java configuration, and you should better use explicit injection with @Qualifier annotations.

Upvotes: 0

Manu Zi
Manu Zi

Reputation: 2370

The alias tag is for identify this specific authentication-manager. If you doesn't need this in the java-config, you can try the following:

@Autowired
private StandardPasswordEncoder standardPasswordEncoder;

@Override
public void init(AuthenticationManagerBuilder auth) throws Exception {
    auth.userDetailsService(principalService).passwordEncoder(standardPasswordEncoder);
    auth.authenticationProvider(preAuthenticatedAuthenticationProvider());
}

@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
   auth.userDetailsService(principalService).passwordEncoder(passwordEncoder);
   auth.authenticationProvider(preAuthenticatedAuthenticationProvider());
}

@Bean
public PreAuthenticatedAuthenticationProvider preAuthenticatedAuthenticationProvider(){
    PreAuthenticatedAuthenticationProvider preAuthenticatedAuthenticationProvider = new PreAuthenticatedAuthenticationProvider();
    preAuthenticatedAuthenticationProvider.setPreAuthenticatedUserDetailsService(preAuthenticationUserDetailService);
    return preAuthenticatedAuthenticationProvider;
}

EDIT

If you want multiply authentication manager check this answer: https://stackoverflow.com/a/26308661/1809221

Upvotes: 1

Related Questions