BAEL-741: Spring Security Multiple Authentication Providers (#1838)

* Add NDC and JBoss Logging to the demo application * NDC for Log4j, Log4j2 and JBoss Logging * Simplify NDC example by making it a single operation instead of two * Make NDC example as RestController, Use JBoss Logging only as a logging bridge * Fix merge conflicts in pull request - log-mdc pom.xml updated * BAEL-445 Update to Spring security SpEL example * BAEL-445: Change tabs to spaces in the updated code * BAEL-245: Add Enum Serialization exmaple * BAEL-245: Remove the folder jackson/src/test/java/com/baeldung/jackson/dtos/withEnum as the example is not used anymore * Add more enum serialization examples to align with previous example and prevent build fail * BAEL-611: Minor formatting changes * BAEL-611: Update Test case method names * BAEL-611 Add JAX-WS client and JUnit Test * BAEL-245: Issue 1753. Fix the typo - change from writeNumber() to writeString() * BAEL-741: Spring Security Multiple Authentication Providers * BAEL-741: Spring Security Multiple Authentication Providers * Remove unnecessary change in pom.xml
2017-05-22 03:49:00 -06:00 · 2017-05-22 03:49:00 -06:00 · d1e4eed806
parent 02d153b953
commit d1e4eed806
6 changed files with 175 additions and 0 deletions
--- a/spring-security-mvc-boot/src/main/java/org/baeldung/multipleauthproviders/CustomAuthenticationProvider.java
+++ b/spring-security-mvc-boot/src/main/java/org/baeldung/multipleauthproviders/CustomAuthenticationProvider.java
@ -0,0 +1,31 @@
+package org.baeldung.multipleauthproviders;
+
+import java.util.Collections;
+
+import org.springframework.security.authentication.AuthenticationProvider;
+import org.springframework.security.authentication.BadCredentialsException;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.stereotype.Component;
+
+@Component
+public class CustomAuthenticationProvider implements AuthenticationProvider {
+    @Override
+    public Authentication authenticate(Authentication auth) throws AuthenticationException {
+        final String username = auth.getName();
+        final String password = auth.getCredentials()
+            .toString();
+
+        if ("externaluser".equals(username) && "pass".equals(password)) {
+            return new UsernamePasswordAuthenticationToken(username, password, Collections.emptyList());
+        } else {
+            throw new BadCredentialsException("External system authentication failed");
+        }
+    }
+
+    @Override
+    public boolean supports(Class<?> auth) {
+        return auth.equals(UsernamePasswordAuthenticationToken.class);
+    }
+}
--- a/spring-security-mvc-boot/src/main/java/org/baeldung/multipleauthproviders/MultipleAuthController.java
+++ b/spring-security-mvc-boot/src/main/java/org/baeldung/multipleauthproviders/MultipleAuthController.java
@ -0,0 +1,13 @@
+package org.baeldung.multipleauthproviders;
+
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+@RestController
+public class MultipleAuthController {
+
+    @RequestMapping("/api/ping")
+    public String getPing() {
+        return "OK";
+    }
+}
--- a/spring-security-mvc-boot/src/main/java/org/baeldung/multipleauthproviders/MultipleAuthProvidersApplication.java
+++ b/spring-security-mvc-boot/src/main/java/org/baeldung/multipleauthproviders/MultipleAuthProvidersApplication.java
@ -0,0 +1,12 @@
+package org.baeldung.multipleauthproviders;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+@SpringBootApplication
+// @ImportResource({ "classpath*:spring-security-multiple-auth-providers.xml" })
+public class MultipleAuthProvidersApplication {
+    public static void main(String[] args) {
+        SpringApplication.run(MultipleAuthProvidersApplication.class, args);
+    }
+}
--- a/spring-security-mvc-boot/src/main/java/org/baeldung/multipleauthproviders/MultipleAuthProvidersSecurityConfig.java
+++ b/spring-security-mvc-boot/src/main/java/org/baeldung/multipleauthproviders/MultipleAuthProvidersSecurityConfig.java
@ -0,0 +1,34 @@
+package org.baeldung.multipleauthproviders;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+
+@EnableWebSecurity
+public class MultipleAuthProvidersSecurityConfig extends WebSecurityConfigurerAdapter {
+
+    @Autowired
+    CustomAuthenticationProvider customAuthProvider;
+
+    @Override
+    public void configure(AuthenticationManagerBuilder auth) throws Exception {
+
+        auth.authenticationProvider(customAuthProvider);
+
+        auth.inMemoryAuthentication()
+            .withUser("memuser")
+            .password("pass")
+            .roles("USER");
+    }
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http.httpBasic()
+            .and()
+            .authorizeRequests()
+            .antMatchers("/api/**")
+            .authenticated();
+    }
+}
--- a/spring-security-mvc-boot/src/main/resources/spring-security-multiple-auth-providers.xml
+++ b/spring-security-mvc-boot/src/main/resources/spring-security-multiple-auth-providers.xml
@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:security="http://www.springframework.org/schema/security"
+  xsi:schemaLocation="http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.2.xsd
+    http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd">
+
+    <security:authentication-manager>
+        <security:authentication-provider>
+            <security:user-service>
+                <security:user name="memuser" password="pass" 
+                  authorities="ROLE_USER" />
+            </security:user-service>
+        </security:authentication-provider>
+
+        <security:authentication-provider
+          ref="customAuthenticationProvider" />
+    </security:authentication-manager>
+
+    <security:http>
+        <security:http-basic />
+        <security:intercept-url pattern="/api/**" 
+          access="isAuthenticated()" />
+    </security:http>
+</beans>
--- a/spring-security-mvc-boot/src/test/java/org/baeldung/web/MultipleAuthProvidersApplicationTests.java
+++ b/spring-security-mvc-boot/src/test/java/org/baeldung/web/MultipleAuthProvidersApplicationTests.java
@ -0,0 +1,61 @@
+package org.baeldung.web;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+import java.util.Collections;
+
+import org.baeldung.multipleauthproviders.MultipleAuthProvidersApplication;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.boot.test.context.SpringBootTest.WebEnvironment;
+import org.springframework.boot.test.web.client.TestRestTemplate;
+import org.springframework.http.ResponseEntity;
+import org.springframework.test.context.junit4.SpringRunner;
+
+@RunWith(SpringRunner.class)
+@SpringBootTest(webEnvironment = WebEnvironment.RANDOM_PORT, classes = MultipleAuthProvidersApplication.class)
+public class MultipleAuthProvidersApplicationTests {
+    @Autowired
+    private TestRestTemplate restTemplate;
+
+    @Test
+    public void givenMemUsers_whenGetPingWithValidUser_thenOk() {
+        ResponseEntity<String> result = makeRestCallToGetPing("memuser", "pass");
+
+        assertThat(result.getStatusCodeValue()).isEqualTo(200);
+        assertThat(result.getBody()).isEqualTo("OK");
+    }
+
+    @Test
+    public void givenExternalUsers_whenGetPingWithValidUser_thenOK() {
+        ResponseEntity<String> result = makeRestCallToGetPing("externaluser", "pass");
+
+        assertThat(result.getStatusCodeValue()).isEqualTo(200);
+        assertThat(result.getBody()).isEqualTo("OK");
+    }
+
+    @Test
+    public void givenAuthProviders_whenGetPingWithNoCred_then401() {
+        ResponseEntity<String> result = makeRestCallToGetPing();
+
+        assertThat(result.getStatusCodeValue()).isEqualTo(401);
+    }
+
+    @Test
+    public void givenAuthProviders_whenGetPingWithBadCred_then401() {
+        ResponseEntity<String> result = makeRestCallToGetPing("user", "bad_password");
+
+        assertThat(result.getStatusCodeValue()).isEqualTo(401);
+    }
+
+    private ResponseEntity<String> makeRestCallToGetPing(String username, String password) {
+        return restTemplate.withBasicAuth(username, password)
+            .getForEntity("/api/ping", String.class, Collections.emptyMap());
+    }
+
+    private ResponseEntity<String> makeRestCallToGetPing() {
+        return restTemplate.getForEntity("/api/ping", String.class, Collections.emptyMap());
+    }
+}