mirror of
https://github.com/spring-projects/spring-boot.git
synced 2024-07-20 01:16:32 +08:00
Backport to 1.1.x the fix for gh-2474 (originally made in e42fa79f7)
This commit is contained in:
Andy Wilkinson
parent
8622e5db20
commit
df81b3145f
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2012-2014 the original author or authors.
|
||||
* Copyright 2012-2015 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@ -32,6 +32,7 @@ import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.context.annotation.Primary;
|
||||
import org.springframework.context.event.ContextRefreshedEvent;
|
||||
import org.springframework.core.Ordered;
|
||||
import org.springframework.core.annotation.Order;
|
||||
import org.springframework.security.authentication.AuthenticationEventPublisher;
|
||||
import org.springframework.security.authentication.AuthenticationManager;
|
||||
@ -40,9 +41,8 @@ import org.springframework.security.authentication.ProviderManager;
|
||||
import org.springframework.security.config.annotation.ObjectPostProcessor;
|
||||
import org.springframework.security.config.annotation.SecurityConfigurer;
|
||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
||||
import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
|
||||
import org.springframework.security.config.annotation.authentication.configurers.GlobalAuthenticationConfigurerAdapter;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.AuthenticationException;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
/**
|
||||
@ -60,16 +60,7 @@ import org.springframework.stereotype.Component;
|
||||
@ConditionalOnBean(ObjectPostProcessor.class)
|
||||
@ConditionalOnMissingBean({ AuthenticationManager.class })
|
||||
@Order(0)
|
||||
public class AuthenticationManagerConfiguration extends
|
||||
GlobalAuthenticationConfigurerAdapter {
|
||||
|
||||
/*
|
||||
* Yes, this class is a GlobalAuthenticationConfigurerAdapter, even though none of
|
||||
* those methods are overridden: we want Spring Security to instantiate us early, so
|
||||
* we can in turn force the SecurityPrequisites to be instantiated. This will prevent
|
||||
* ordering issues between Spring Boot modules when they need to influence the default
|
||||
* security configuration.
|
||||
*/
|
||||
public class AuthenticationManagerConfiguration {
|
||||
|
||||
private static Log logger = LogFactory
|
||||
.getLog(AuthenticationManagerConfiguration.class);
|
||||
@ -77,35 +68,17 @@ public class AuthenticationManagerConfiguration extends
|
||||
@Autowired
|
||||
private List<SecurityPrequisite> dependencies;
|
||||
|
||||
@Autowired
|
||||
private SecurityProperties security;
|
||||
|
||||
@Autowired
|
||||
private ObjectPostProcessor<Object> objectPostProcessor;
|
||||
|
||||
@Bean
|
||||
@Primary
|
||||
public AuthenticationManager authenticationManager(AuthenticationManagerBuilder auth,
|
||||
ApplicationContext context) throws Exception {
|
||||
|
||||
if (isAuthenticationManagerAlreadyConfigured(context)) {
|
||||
return new LazyAuthenticationManager(auth);
|
||||
}
|
||||
|
||||
/*
|
||||
* This AuthenticationManagerBuilder is for the global AuthenticationManager
|
||||
*/
|
||||
BootDefaultingAuthenticationConfigurerAdapter configurer = new BootDefaultingAuthenticationConfigurerAdapter();
|
||||
configurer.configure(auth);
|
||||
AuthenticationManager manager = configurer.getAuthenticationManagerBuilder()
|
||||
.getOrBuild();
|
||||
configurer.configureParent(auth);
|
||||
return manager;
|
||||
|
||||
public AuthenticationManager authenticationManager(AuthenticationConfiguration auth)
|
||||
throws Exception {
|
||||
return auth.getAuthenticationManager();
|
||||
}
|
||||
|
||||
private boolean isAuthenticationManagerAlreadyConfigured(ApplicationContext context) {
|
||||
return context.getBeanNamesForType(GlobalAuthenticationConfigurerAdapter.class).length > 2;
|
||||
@Bean
|
||||
public static BootDefaultingAuthenticationConfigurerAdapter bootDefaultingAuthenticationConfigurerAdapter(
|
||||
SecurityProperties security, List<SecurityPrequisite> dependencies) {
|
||||
return new BootDefaultingAuthenticationConfigurerAdapter(security);
|
||||
}
|
||||
|
||||
@Component
|
||||
@ -152,64 +125,33 @@ public class AuthenticationManagerConfiguration extends
|
||||
* methods are invoked before configure, which cannot be guaranteed at this point.</li>
|
||||
* </ul>
|
||||
*/
|
||||
private class BootDefaultingAuthenticationConfigurerAdapter {
|
||||
@Order(Ordered.LOWEST_PRECEDENCE - 100)
|
||||
private static class BootDefaultingAuthenticationConfigurerAdapter extends
|
||||
GlobalAuthenticationConfigurerAdapter {
|
||||
private final SecurityProperties security;
|
||||
|
||||
private AuthenticationManagerBuilder defaultAuth;
|
||||
|
||||
private AuthenticationManager parent;
|
||||
|
||||
public void configureParent(AuthenticationManagerBuilder auth) {
|
||||
if (!auth.isConfigured() && this.parent != null) {
|
||||
auth.parentAuthenticationManager(this.parent);
|
||||
}
|
||||
@Autowired
|
||||
public BootDefaultingAuthenticationConfigurerAdapter(SecurityProperties security) {
|
||||
this.security = security;
|
||||
}
|
||||
|
||||
public AuthenticationManagerBuilder getAuthenticationManagerBuilder() {
|
||||
return this.defaultAuth;
|
||||
}
|
||||
|
||||
public void configure(AuthenticationManagerBuilder auth) throws Exception {
|
||||
@Override
|
||||
public void init(AuthenticationManagerBuilder auth) throws Exception {
|
||||
if (auth.isConfigured()) {
|
||||
this.defaultAuth = auth;
|
||||
return;
|
||||
}
|
||||
|
||||
User user = AuthenticationManagerConfiguration.this.security.getUser();
|
||||
User user = this.security.getUser();
|
||||
if (user.isDefaultPassword()) {
|
||||
logger.info("\n\nUsing default security password: " + user.getPassword()
|
||||
+ "\n\n");
|
||||
}
|
||||
|
||||
this.defaultAuth = new AuthenticationManagerBuilder(
|
||||
AuthenticationManagerConfiguration.this.objectPostProcessor);
|
||||
|
||||
Set<String> roles = new LinkedHashSet<String>(user.getRole());
|
||||
|
||||
this.parent = this.defaultAuth.inMemoryAuthentication()
|
||||
.withUser(user.getName()).password(user.getPassword())
|
||||
.roles(roles.toArray(new String[roles.size()])).and().and().build();
|
||||
|
||||
// Defer actually setting the parent on the AuthenticationManagerBuilder
|
||||
// because it makes it "configured" and we are only in the init() phase
|
||||
// here.
|
||||
|
||||
auth.inMemoryAuthentication().withUser(user.getName())
|
||||
.password(user.getPassword())
|
||||
.roles(roles.toArray(new String[roles.size()]));
|
||||
}
|
||||
}
|
||||
|
||||
private static class LazyAuthenticationManager implements AuthenticationManager {
|
||||
|
||||
private AuthenticationManagerBuilder builder;
|
||||
|
||||
public LazyAuthenticationManager(AuthenticationManagerBuilder builder) {
|
||||
this.builder = builder;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Authentication authenticate(Authentication authentication)
|
||||
throws AuthenticationException {
|
||||
return this.builder.getOrBuild().authenticate(authentication);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user