SEC-659: Added authentication-manager element to allow users to define an alias for the internal authentication manager.

core/src/main/java/org/springframework/security/config/AuthenticationManagerBeanDefinitionParser.java

@@ -0,0 +1,32 @@
+package org.springframework.security.config;
+
+import org.springframework.beans.factory.xml.BeanDefinitionParser;
+import org.springframework.beans.factory.xml.ParserContext;
+import org.springframework.beans.factory.config.BeanDefinition;
+import org.springframework.util.StringUtils;
+
+import org.w3c.dom.Element;
+
+/**
+ * Just registers an alias name for the default ProviderManager used by the namespace
+ * configuration, allowing users to reference it in their beans and clearly see where the name is
+ * coming from.
+ *
+ * @author Luke Taylor
+ * @version $Id$
+ */
+public class AuthenticationManagerBeanDefinitionParser implements BeanDefinitionParser {
+    private static final String ATT_ALIAS = "alias";
+
+    public BeanDefinition parse(Element element, ParserContext parserContext) {
+        String alias = element.getAttribute(ATT_ALIAS);
+
+        if (!StringUtils.hasText(alias)) {
+            parserContext.getReaderContext().error(ATT_ALIAS + " is required.", element );
+        }
+
+        parserContext.getRegistry().registerAlias(BeanIds.AUTHENTICATION_MANAGER, alias);
+
+        return null;
+    }
+}

core/src/main/java/org/springframework/security/config/BeanIds.java

@@ -10,6 +10,9 @@ package org.springframework.security.config;
  */
 public abstract class BeanIds {
 
+    /** External alias for FilterChainProxy bean, for use in web.xml files */
+    public static final String SPRING_SECURITY_FILTER_CHAIN = "springSecurityFilterChain";  
+
     /** Package protected as end users shouldn't really be using this BFPP directly */
 	static final String INTERCEPT_METHODS_BEAN_FACTORY_POST_PROCESSOR = "_interceptMethodsBeanfactoryPP";
     static final String CONTEXT_SOURCE_SETTING_POST_PROCESSOR = "_contextSettingPostProcessor";

core/src/main/java/org/springframework/security/config/Elements.java

@@ -8,6 +8,7 @@ package org.springframework.security.config;
  */
 abstract class Elements {
 
+    public static final String AUTHENTICATION_MANAGER = "authentication-manager";
     public static final String USER_SERVICE = "user-service";
 	public static final String JDBC_USER_SERVICE = "jdbc-user-service";
 	public static final String FILTER_CHAIN_MAP = "filter-chain-map";

core/src/main/java/org/springframework/security/config/SecurityNamespaceHandler.java

@@ -22,6 +22,7 @@ public class SecurityNamespaceHandler extends NamespaceHandlerSupport {
         registerBeanDefinitionParser(Elements.JDBC_USER_SERVICE, new JdbcUserServiceBeanDefinitionParser());
         registerBeanDefinitionParser(Elements.AUTHENTICATION_PROVIDER, new AuthenticationProviderBeanDefinitionParser());
         registerBeanDefinitionParser(Elements.ANNOTATION_DRIVEN, new AnnotationDrivenBeanDefinitionParser());
+        registerBeanDefinitionParser(Elements.AUTHENTICATION_MANAGER, new AuthenticationManagerBeanDefinitionParser());
 
         // Decorators
         registerBeanDefinitionDecorator(Elements.INTERCEPT_METHODS, new InterceptMethodsBeanDefinitionDecorator());

core/src/main/resources/org/springframework/security/config/spring-security-2.0.rnc

@@ -266,6 +266,13 @@ x509.attlist &=
     ## Explicitly specifies which user-service should be used to load user data for X.509 authenticated clients. If ommitted, the default user-service will be used.  
     user-service-ref?
 
+authentication-manager =
+    ## If you are using namespace configuration with Spring Security, an AuthenticationManager will automatically be registered. This element simple allows you to define an alias to allow you to reference the authentication-manager in your own beans. 
+    element authentication-manager {authman.attlist}
+    ## The alias you wish to use for the AuthenticationManager bean
+authman.attlist &=
+    attribute alias {xsd:ID}
+
 authentication-provider =
     ## Indicates that the contained user-service should be used as an authentication source. 
     element authentication-provider {ap.attlist & (user-service | jdbc-user-service | ldap-user-service) & password-encoder}

core/src/main/resources/org/springframework/security/config/spring-security-2.0.xsd

@@ -622,6 +622,20 @@
       </xs:annotation>
     </xs:attribute>
   </xs:attributeGroup>
+  <xs:element name="authentication-manager">
+    <xs:annotation>
+      <xs:documentation>If you are using namespace configuration with Spring Security, an AuthenticationManager will automatically be registered. This element simple allows you to define an alias to allow you to reference the authentication-manager in your own beans. </xs:documentation>
+    </xs:annotation>
+    <xs:complexType>
+      <xs:attributeGroup ref="security:authman.attlist"/>
+    </xs:complexType>
+  </xs:element>
+  <xs:attributeGroup name="authman.attlist">
+    <xs:annotation>
+      <xs:documentation>The alias you wish to use for the AuthenticationManager bean</xs:documentation>
+    </xs:annotation>
+    <xs:attribute name="alias" use="required" type="xs:ID"/>
+  </xs:attributeGroup>
   <xs:element name="authentication-provider">
     <xs:annotation>
       <xs:documentation>Indicates that the contained user-service should be used as an authentication source. </xs:documentation>