Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-12 07:02:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

Document JDBC Persistence for WebAuthn

Browse Source 
Issue gh-16282
This commit is contained in:
Rob Winch 2025-01-17 21:37:27 -06:00
parent 1f9845485c
commit d3332e1956
No known key found for this signature in database
2 changed files with 44 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
docs/modules/ROOT/pages/servlet/authentication/passkeys.adoc
View File

@ -118,6 +118,49 @@ open fun userDetailsService(): UserDetailsService {
----
======
[[passkeys-configuration-persistence]]
=== JDBC & Custom Persistence
WebAuthn performs persistence with javadoc:org.springframework.security.web.webauthn.management.PublicKeyCredentialUserEntityRepository[] and javadoc:org.springframework.security.web.webauthn.management.UserCredentialRepository[].
The default is to use in memory persistence, but JDBC persistence is support with javadoc:org.springframework.security.web.webauthn.management.JdbcPublicKeyCredentialUserEntityRepository[] and javadoc:org.springframework.security.web.webauthn.management.JdbcUserCredentialRepository[].
To configure JDBC based persistence, expose the repositories as a Bean:
[tabs]
======
Java::
+
[source,java,role="primary"]
----
@Bean
JdbcPublicKeyCredentialUserEntityRepository jdbcPublicKeyCredentialRepository(JdbcOperations jdbc) {
return new JdbcPublicKeyCredentialUserEntityRepository(jdbc);
}
@Bean
JdbcUserCredentialRepository jdbcUserCredentialRepository(JdbcOperations jdbc) {
return new JdbcUserCredentialRepository(jdbc);
}
----
Kotlin::
+
[source,kotlin,role="secondary"]
----
@Bean
fun jdbcPublicKeyCredentialRepository(jdbc: JdbcOperations): JdbcPublicKeyCredentialUserEntityRepository {
return JdbcPublicKeyCredentialUserEntityRepository(jdbc)
}
@Bean
fun jdbcUserCredentialRepository(jdbc: JdbcOperations): JdbcUserCredentialRepository {
return JdbcUserCredentialRepository(jdbc)
}
----
======
If JDBC does not meet your needs, you can create your own implementations of the interfaces and use them by exposing them as a Bean similar to the example above.
[[passkeys-configuration-pkccor]]
=== Custom PublicKeyCredentialCreationOptionsRepository

1
docs/modules/ROOT/pages/whats-new.adoc
View File

@ -17,5 +17,6 @@ Note that this may affect reports that operate on this key name.
== WebAuthn
* https://github.com/spring-projects/spring-security/pull/16282[gh-16282] - xref:servlet/authentication/passkeys.adoc#passkeys-configuration-persistence[JDBC Persistence] for WebAuthn/Passkeys
* https://github.com/spring-projects/spring-security/pull/16397[gh-16397] - Added the ability to configure a custom `HttpMessageConverter` for Passkeys using the optional xref:servlet/authentication/passkeys.adoc#passkeys-configuration[`messageConverter` property] on the `webAuthn` DSL.
* https://github.com/spring-projects/spring-security/pull/16396[gh-16396] - Added the ability to configure a custom xref:servlet/authentication/passkeys.adoc#passkeys-configuration-pkccor[`PublicKeyCredentialCreationOptionsRepository`]