From 8cc0b3e08f509010c34d25c936422feee1f62f77 Mon Sep 17 00:00:00 2001 From: h_sharifi Date: Wed, 17 Jan 2024 18:50:41 +0330 Subject: [PATCH] #BAEL-7434: add AuthenticationManager bean --- .../multitenant/security/SecurityConfiguration.java | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/persistence-modules/spring-jpa-2/src/main/java/com/baeldung/multitenant/security/SecurityConfiguration.java b/persistence-modules/spring-jpa-2/src/main/java/com/baeldung/multitenant/security/SecurityConfiguration.java index acad0d61e4..b1b12b3b9f 100644 --- a/persistence-modules/spring-jpa-2/src/main/java/com/baeldung/multitenant/security/SecurityConfiguration.java +++ b/persistence-modules/spring-jpa-2/src/main/java/com/baeldung/multitenant/security/SecurityConfiguration.java @@ -4,9 +4,9 @@ import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.config.Customizer; +import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; -import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer; import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.core.userdetails.User; @@ -42,16 +42,21 @@ public class SecurityConfiguration { return new BCryptPasswordEncoder(); } + @Bean + public AuthenticationManager authenticationManager(AuthenticationConfiguration authenticationConfiguration) throws Exception { + return authenticationConfiguration.getAuthenticationManager(); + } + @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { - final AuthenticationManager authenticationManager = http.getSharedObject(AuthenticationManager.class); + final AuthenticationManager authenticationManager = authenticationManager(http.getSharedObject(AuthenticationConfiguration.class)); http .authorizeHttpRequests(authorize -> authorize.requestMatchers("/login").permitAll().anyRequest().authenticated()) .sessionManagement(securityContext -> securityContext.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) .addFilterBefore(new LoginFilter("/login", authenticationManager), UsernamePasswordAuthenticationFilter.class) .addFilterBefore(new AuthenticationFilter(), UsernamePasswordAuthenticationFilter.class) - .csrf(AbstractHttpConfigurer::disable) + .csrf(csrf -> csrf.disable()) .headers(header -> header.frameOptions(HeadersConfigurer.FrameOptionsConfig::disable)) .httpBasic(Customizer.withDefaults());