BAEL-3338: A Guide to AuthenticationManagerResolver in Spring Security

Fix indentation problems in code, do some renaming to sync article with code

spring-5-reactive-security/src/main/java/com/baeldung/reactive/authresolver/CustomWebSecurityConfig.java

@@ -19,7 +19,7 @@ import reactor.core.publisher.Mono;
 
 @EnableWebFluxSecurity
 @EnableReactiveMethodSecurity
-public class AuthResolverSecurityConfig {
+public class CustomWebSecurityConfig {
 
     @Bean
     public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
@@ -35,17 +35,17 @@ public class AuthResolverSecurityConfig {
     }
 
     public AuthenticationWebFilter authenticationWebFilter() {
-        AuthenticationWebFilter filter = new AuthenticationWebFilter(authenticationManagerResolver());
+        return new AuthenticationWebFilter(resolver());
-        return filter;
     }
 
-    public ReactiveAuthenticationManagerResolver<ServerHttpRequest> authenticationManagerResolver() {
+    public ReactiveAuthenticationManagerResolver<ServerHttpRequest> resolver() {
         return request -> {
             if (request
               .getPath()
               .subPath(0)
               .value()
-              .startsWith("/employee")) return Mono.just(employeesAuthenticationManager());
+              .startsWith("/employee"))
+                return Mono.just(employeesAuthenticationManager());
             return Mono.just(customersAuthenticationManager());
         };
     }
@@ -55,7 +55,11 @@ public class AuthResolverSecurityConfig {
           .switchIfEmpty(Mono.error(new UsernameNotFoundException(authentication
             .getPrincipal()
             .toString())))
-          .map(b -> new UsernamePasswordAuthenticationToken(authentication.getPrincipal(), authentication.getCredentials(), Collections.singletonList(new SimpleGrantedAuthority("ROLE_USER"))));
+          .map(b -> new UsernamePasswordAuthenticationToken(authentication.getPrincipal(),
+              authentication.getCredentials(),
+              Collections.singletonList(new SimpleGrantedAuthority("ROLE_USER"))
+            )
+          );
     }
 
     public ReactiveAuthenticationManager employeesAuthenticationManager() {
@@ -63,7 +67,12 @@ public class AuthResolverSecurityConfig {
           .switchIfEmpty(Mono.error(new UsernameNotFoundException(authentication
             .getPrincipal()
             .toString())))
-          .map(b -> new UsernamePasswordAuthenticationToken(authentication.getPrincipal(), authentication.getCredentials(), Collections.singletonList(new SimpleGrantedAuthority("ROLE_USER"))));
+          .map(
+            b -> new UsernamePasswordAuthenticationToken(authentication.getPrincipal(),
+              authentication.getCredentials(),
+              Collections.singletonList(new SimpleGrantedAuthority("ROLE_USER"))
+            )
+          );
     }
 
     public Mono<String> customer(Authentication authentication) {

spring-5-reactive-security/src/test/java/com/baeldung/reactive/authresolver/AuthResolverIntegrationTest.java

@@ -14,7 +14,8 @@ import org.springframework.util.Base64Utils;
 @SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT, classes = AuthResolverApplication.class)
 @FixMethodOrder(MethodSorters.NAME_ASCENDING)
 public class AuthResolverIntegrationTest {
-    @Autowired private WebTestClient testClient;
+    @Autowired
+    private WebTestClient testClient;
 
     @Test
     public void givenCustomerCredential_whenWelcomeCustomer_thenExpectOk() {

spring-5-security/src/main/java/com/baeldung/authresolver/CustomWebSecurityConfigurer.java

@@ -1,12 +1,11 @@
 package com.baeldung.authresolver;
 
-import java.util.Arrays;
+import java.util.Collections;
 import javax.servlet.http.HttpServletRequest;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.authentication.AuthenticationManagerResolver;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
-import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.core.Authentication;
@@ -18,17 +17,18 @@ import org.springframework.security.web.authentication.www.BasicAuthenticationCo
 import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
 
 @Configuration
-public class AuthResolverWebSecurityConfigurer extends WebSecurityConfigurerAdapter {
+public class CustomWebSecurityConfigurer extends WebSecurityConfigurerAdapter {
 
     public AuthenticationConverter authenticationConverter() {
         return new BasicAuthenticationConverter();
     }
 
-    public AuthenticationManagerResolver<HttpServletRequest> authenticationManagerResolver() {
+    public AuthenticationManagerResolver<HttpServletRequest> resolver() {
         return request -> {
             if (request
               .getPathInfo()
-              .startsWith("/employee")) return employeesAuthenticationManager();
+              .startsWith("/employee"))
+                return employeesAuthenticationManager();
             return customersAuthenticationManager();
         };
     }
@@ -36,7 +36,11 @@ public class AuthResolverWebSecurityConfigurer extends WebSecurityConfigurerAdap
     public AuthenticationManager customersAuthenticationManager() {
         return authentication -> {
             if (isCustomer(authentication)) {
-                return new UsernamePasswordAuthenticationToken(authentication.getPrincipal(), authentication.getCredentials(), Arrays.asList(new SimpleGrantedAuthority("ROLE_USER")));
+                return new UsernamePasswordAuthenticationToken(
+                  authentication.getPrincipal(),
+                  authentication.getCredentials(),
+                  Collections.singletonList(new SimpleGrantedAuthority("ROLE_USER"))
+                );
             }
             throw new UsernameNotFoundException(authentication
               .getPrincipal()
@@ -44,31 +48,35 @@ public class AuthResolverWebSecurityConfigurer extends WebSecurityConfigurerAdap
         };
     }
 
-    public boolean isCustomer(Authentication authentication) {
+    private boolean isCustomer(Authentication authentication) {
         return (authentication
           .getPrincipal()
           .toString()
           .startsWith("customer"));
     }
 
-    public boolean isEmployee(Authentication authentication) {
+    private boolean isEmployee(Authentication authentication) {
         return (authentication
           .getPrincipal()
           .toString()
           .startsWith("employee"));
     }
 
-    public AuthenticationFilter authenticationFilter(AuthenticationManagerResolver<HttpServletRequest> resolver, AuthenticationConverter converter) {
+    private AuthenticationFilter authenticationFilter() {
-        AuthenticationFilter ret = new AuthenticationFilter(resolver, converter);
+        AuthenticationFilter ret = new AuthenticationFilter(
-        ret.setSuccessHandler((httpServletRequest, httpServletResponse, authentication) -> {
+          resolver(), authenticationConverter());
-        });
+        ret.setSuccessHandler((request, response, auth) -> {});
         return ret;
     }
 
-    public AuthenticationManager employeesAuthenticationManager() {
+    private AuthenticationManager employeesAuthenticationManager() {
         return authentication -> {
             if (isEmployee(authentication)) {
-                return new UsernamePasswordAuthenticationToken(authentication.getPrincipal(), authentication.getCredentials(), Arrays.asList(new SimpleGrantedAuthority("ROLE_USER")));
+                return new UsernamePasswordAuthenticationToken(
+                  authentication.getPrincipal(),
+                  authentication.getCredentials(),
+                  Collections.singletonList(new SimpleGrantedAuthority("ROLE_USER"))
+                );
             }
             throw new UsernameNotFoundException(authentication
               .getPrincipal()
@@ -77,16 +85,11 @@ public class AuthResolverWebSecurityConfigurer extends WebSecurityConfigurerAdap
     }
 
     @Override
-    protected void configure(HttpSecurity http) throws Exception {
+    protected void configure(HttpSecurity http) {
-        http
+        http.addFilterBefore(
-          .addFilterBefore(
+          authenticationFilter(),
-          authenticationFilter(
+          BasicAuthenticationFilter.class
-            authenticationManagerResolver(), authenticationConverter()),
+        );
-          BasicAuthenticationFilter.class);
     }
 
-    @Override
-    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
-        super.configure(auth);
-    }
 }

spring-5-security/src/test/java/com/baeldung/authresolver/AuthResolverIntegrationTest.java

@@ -23,9 +23,11 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
 @FixMethodOrder(MethodSorters.NAME_ASCENDING)
 public class AuthResolverIntegrationTest {
 
-    @Autowired private FilterChainProxy springSecurityFilterChain;
+    @Autowired
+    private FilterChainProxy springSecurityFilterChain;
 
-    @Autowired private WebApplicationContext wac;
+    @Autowired
+    private WebApplicationContext wac;
 
     private MockMvc mockMvc;