From f1f158b37e953b1e8cd742f20897cec2e2937bf6 Mon Sep 17 00:00:00 2001 From: Josh Cummings Date: Thu, 9 Jan 2020 13:43:47 -0700 Subject: [PATCH] AuthenticationEventPublisher DSL Lookup Fixes gh-4400 --- .../WebSecurityConfigurerAdapter.java | 6 ++++- .../WebSecurityConfigurerAdapterTests.java | 27 +++++++++++++++++++ 2 files changed, 32 insertions(+), 1 deletion(-) diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurerAdapter.java b/config/src/main/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurerAdapter.java index 60764850ed..8943fa6dd9 100644 --- a/config/src/main/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurerAdapter.java +++ b/config/src/main/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurerAdapter.java @@ -201,7 +201,6 @@ public abstract class WebSecurityConfigurerAdapter implements AuthenticationManager authenticationManager = authenticationManager(); authenticationBuilder.parentAuthenticationManager(authenticationManager); - authenticationBuilder.authenticationEventPublisher(eventPublisher); Map, Object> sharedObjects = createSharedObjects(); http = new HttpSecurity(objectPostProcessor, authenticationBuilder, @@ -383,6 +382,11 @@ public abstract class WebSecurityConfigurerAdapter implements return super.eraseCredentials(eraseCredentials); } + @Override + public AuthenticationManagerBuilder authenticationEventPublisher(AuthenticationEventPublisher eventPublisher) { + authenticationBuilder.authenticationEventPublisher(eventPublisher); + return super.authenticationEventPublisher(eventPublisher); + } }; } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/WebSecurityConfigurerAdapterTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/WebSecurityConfigurerAdapterTests.java index f81d283383..8f784aa513 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/WebSecurityConfigurerAdapterTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/WebSecurityConfigurerAdapterTests.java @@ -42,6 +42,7 @@ import org.springframework.security.config.annotation.web.configuration.EnableWe import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.config.test.SpringTestRule; import org.springframework.security.core.Authentication; +import org.springframework.security.core.AuthenticationException; import org.springframework.security.core.userdetails.PasswordEncodedUser; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.core.userdetails.UsernameNotFoundException; @@ -398,4 +399,30 @@ public class WebSecurityConfigurerAdapterTests { return mock(AuthenticationEventPublisher.class); } } + + // gh-4400 + @Test + public void performWhenUsingAuthenticationEventPublisherInDslThenUses() throws Exception { + this.spring.register(CustomAuthenticationEventPublisherDsl.class).autowire(); + + AuthenticationEventPublisher authenticationEventPublisher = + CustomAuthenticationEventPublisherDsl.EVENT_PUBLISHER; + + this.mockMvc.perform(get("/") + .with(httpBasic("user", "password"))); // fails since no providers configured + + verify(authenticationEventPublisher).publishAuthenticationFailure( + any(AuthenticationException.class), + any(Authentication.class)); + } + + @EnableWebSecurity + static class CustomAuthenticationEventPublisherDsl extends WebSecurityConfigurerAdapter { + static AuthenticationEventPublisher EVENT_PUBLISHER = mock(AuthenticationEventPublisher.class); + + @Override + protected void configure(AuthenticationManagerBuilder auth) throws Exception { + auth.authenticationEventPublisher(EVENT_PUBLISHER); + } + } }