BAEL-3338: A Guide to AuthenticationManagerResolver in Spring Security
Fix indentation problems in code, do some renaming to sync article with code
This commit is contained in:
maryarm
parent
07461f418a
commit
41a8ea19d3
|
|
@ -11,15 +11,15 @@ public class AuthResolverController {
|
|||
@GetMapping("/customer/welcome")
|
||||
public Mono<String> sayWelcomeToCustomer(Mono<Principal> principal) {
|
||||
return principal
|
||||
.map(Principal::getName)
|
||||
.map(name -> String.format("Welcome to our site, %s!", name));
|
||||
.map(Principal::getName)
|
||||
.map(name -> String.format("Welcome to our site, %s!", name));
|
||||
}
|
||||
|
||||
@GetMapping("/employee/welcome")
|
||||
public Mono<String> sayWelcomeToEmployee(Mono<Principal> principal) {
|
||||
return principal
|
||||
.map(Principal::getName)
|
||||
.map(name -> String.format("Welcome to our company, %s!", name));
|
||||
.map(Principal::getName)
|
||||
.map(name -> String.format("Welcome to our company, %s!", name));
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -19,7 +19,7 @@ import reactor.core.publisher.Mono;
|
|||
|
||||
@EnableWebFluxSecurity
|
||||
@EnableReactiveMethodSecurity
|
||||
public class AuthResolverSecurityConfig {
|
||||
public class CustomWebSecurityConfig {
|
||||
|
||||
@Bean
|
||||
public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
|
||||
|
|
@ -35,17 +35,17 @@ public class AuthResolverSecurityConfig {
|
|||
}
|
||||
|
||||
public AuthenticationWebFilter authenticationWebFilter() {
|
||||
AuthenticationWebFilter filter = new AuthenticationWebFilter(authenticationManagerResolver());
|
||||
return filter;
|
||||
return new AuthenticationWebFilter(resolver());
|
||||
}
|
||||
|
||||
public ReactiveAuthenticationManagerResolver<ServerHttpRequest> authenticationManagerResolver() {
|
||||
public ReactiveAuthenticationManagerResolver<ServerHttpRequest> resolver() {
|
||||
return request -> {
|
||||
if (request
|
||||
.getPath()
|
||||
.subPath(0)
|
||||
.value()
|
||||
.startsWith("/employee")) return Mono.just(employeesAuthenticationManager());
|
||||
.startsWith("/employee"))
|
||||
return Mono.just(employeesAuthenticationManager());
|
||||
return Mono.just(customersAuthenticationManager());
|
||||
};
|
||||
}
|
||||
|
|
@ -55,7 +55,11 @@ public class AuthResolverSecurityConfig {
|
|||
.switchIfEmpty(Mono.error(new UsernameNotFoundException(authentication
|
||||
.getPrincipal()
|
||||
.toString())))
|
||||
.map(b -> new UsernamePasswordAuthenticationToken(authentication.getPrincipal(), authentication.getCredentials(), Collections.singletonList(new SimpleGrantedAuthority("ROLE_USER"))));
|
||||
.map(b -> new UsernamePasswordAuthenticationToken(authentication.getPrincipal(),
|
||||
authentication.getCredentials(),
|
||||
Collections.singletonList(new SimpleGrantedAuthority("ROLE_USER"))
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
public ReactiveAuthenticationManager employeesAuthenticationManager() {
|
||||
|
|
@ -63,7 +67,12 @@ public class AuthResolverSecurityConfig {
|
|||
.switchIfEmpty(Mono.error(new UsernameNotFoundException(authentication
|
||||
.getPrincipal()
|
||||
.toString())))
|
||||
.map(b -> new UsernamePasswordAuthenticationToken(authentication.getPrincipal(), authentication.getCredentials(), Collections.singletonList(new SimpleGrantedAuthority("ROLE_USER"))));
|
||||
.map(
|
||||
b -> new UsernamePasswordAuthenticationToken(authentication.getPrincipal(),
|
||||
authentication.getCredentials(),
|
||||
Collections.singletonList(new SimpleGrantedAuthority("ROLE_USER"))
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
public Mono<String> customer(Authentication authentication) {
|
||||
|
|
@ -14,7 +14,8 @@ import org.springframework.util.Base64Utils;
|
|||
@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT, classes = AuthResolverApplication.class)
|
||||
@FixMethodOrder(MethodSorters.NAME_ASCENDING)
|
||||
public class AuthResolverIntegrationTest {
|
||||
@Autowired private WebTestClient testClient;
|
||||
@Autowired
|
||||
private WebTestClient testClient;
|
||||
|
||||
@Test
|
||||
public void givenCustomerCredential_whenWelcomeCustomer_thenExpectOk() {
|
||||
|
|
|
|||
|
|
@ -1,12 +1,11 @@
|
|||
package com.baeldung.authresolver;
|
||||
|
||||
import java.util.Arrays;
|
||||
import java.util.Collections;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.authentication.AuthenticationManager;
|
||||
import org.springframework.security.authentication.AuthenticationManagerResolver;
|
||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.core.Authentication;
|
||||
|
|
@ -18,17 +17,18 @@ import org.springframework.security.web.authentication.www.BasicAuthenticationCo
|
|||
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
|
||||
|
||||
@Configuration
|
||||
public class AuthResolverWebSecurityConfigurer extends WebSecurityConfigurerAdapter {
|
||||
public class CustomWebSecurityConfigurer extends WebSecurityConfigurerAdapter {
|
||||
|
||||
public AuthenticationConverter authenticationConverter() {
|
||||
return new BasicAuthenticationConverter();
|
||||
}
|
||||
|
||||
public AuthenticationManagerResolver<HttpServletRequest> authenticationManagerResolver() {
|
||||
public AuthenticationManagerResolver<HttpServletRequest> resolver() {
|
||||
return request -> {
|
||||
if (request
|
||||
.getPathInfo()
|
||||
.startsWith("/employee")) return employeesAuthenticationManager();
|
||||
.startsWith("/employee"))
|
||||
return employeesAuthenticationManager();
|
||||
return customersAuthenticationManager();
|
||||
};
|
||||
}
|
||||
|
|
@ -36,7 +36,11 @@ public class AuthResolverWebSecurityConfigurer extends WebSecurityConfigurerAdap
|
|||
public AuthenticationManager customersAuthenticationManager() {
|
||||
return authentication -> {
|
||||
if (isCustomer(authentication)) {
|
||||
return new UsernamePasswordAuthenticationToken(authentication.getPrincipal(), authentication.getCredentials(), Arrays.asList(new SimpleGrantedAuthority("ROLE_USER")));
|
||||
return new UsernamePasswordAuthenticationToken(
|
||||
authentication.getPrincipal(),
|
||||
authentication.getCredentials(),
|
||||
Collections.singletonList(new SimpleGrantedAuthority("ROLE_USER"))
|
||||
);
|
||||
}
|
||||
throw new UsernameNotFoundException(authentication
|
||||
.getPrincipal()
|
||||
|
|
@ -44,31 +48,35 @@ public class AuthResolverWebSecurityConfigurer extends WebSecurityConfigurerAdap
|
|||
};
|
||||
}
|
||||
|
||||
public boolean isCustomer(Authentication authentication) {
|
||||
private boolean isCustomer(Authentication authentication) {
|
||||
return (authentication
|
||||
.getPrincipal()
|
||||
.toString()
|
||||
.startsWith("customer"));
|
||||
}
|
||||
|
||||
public boolean isEmployee(Authentication authentication) {
|
||||
private boolean isEmployee(Authentication authentication) {
|
||||
return (authentication
|
||||
.getPrincipal()
|
||||
.toString()
|
||||
.startsWith("employee"));
|
||||
}
|
||||
|
||||
public AuthenticationFilter authenticationFilter(AuthenticationManagerResolver<HttpServletRequest> resolver, AuthenticationConverter converter) {
|
||||
AuthenticationFilter ret = new AuthenticationFilter(resolver, converter);
|
||||
ret.setSuccessHandler((httpServletRequest, httpServletResponse, authentication) -> {
|
||||
});
|
||||
private AuthenticationFilter authenticationFilter() {
|
||||
AuthenticationFilter ret = new AuthenticationFilter(
|
||||
resolver(), authenticationConverter());
|
||||
ret.setSuccessHandler((request, response, auth) -> {});
|
||||
return ret;
|
||||
}
|
||||
|
||||
public AuthenticationManager employeesAuthenticationManager() {
|
||||
private AuthenticationManager employeesAuthenticationManager() {
|
||||
return authentication -> {
|
||||
if (isEmployee(authentication)) {
|
||||
return new UsernamePasswordAuthenticationToken(authentication.getPrincipal(), authentication.getCredentials(), Arrays.asList(new SimpleGrantedAuthority("ROLE_USER")));
|
||||
return new UsernamePasswordAuthenticationToken(
|
||||
authentication.getPrincipal(),
|
||||
authentication.getCredentials(),
|
||||
Collections.singletonList(new SimpleGrantedAuthority("ROLE_USER"))
|
||||
);
|
||||
}
|
||||
throw new UsernameNotFoundException(authentication
|
||||
.getPrincipal()
|
||||
|
|
@ -77,16 +85,11 @@ public class AuthResolverWebSecurityConfigurer extends WebSecurityConfigurerAdap
|
|||
}
|
||||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http
|
||||
.addFilterBefore(
|
||||
authenticationFilter(
|
||||
authenticationManagerResolver(), authenticationConverter()),
|
||||
BasicAuthenticationFilter.class);
|
||||
protected void configure(HttpSecurity http) {
|
||||
http.addFilterBefore(
|
||||
authenticationFilter(),
|
||||
BasicAuthenticationFilter.class
|
||||
);
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
||||
super.configure(auth);
|
||||
}
|
||||
}
|
||||
|
|
@ -23,9 +23,11 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
|
|||
@FixMethodOrder(MethodSorters.NAME_ASCENDING)
|
||||
public class AuthResolverIntegrationTest {
|
||||
|
||||
@Autowired private FilterChainProxy springSecurityFilterChain;
|
||||
@Autowired
|
||||
private FilterChainProxy springSecurityFilterChain;
|
||||
|
||||
@Autowired private WebApplicationContext wac;
|
||||
@Autowired
|
||||
private WebApplicationContext wac;
|
||||
|
||||
private MockMvc mockMvc;
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue