#21 Authentication uses LifecycleManager

spring-attic · Jun 11, 2013 · b5d2ece · b5d2ece
1 parent c0a182c
commit b5d2ece
Show file tree

Hide file tree

Showing 6 changed files with 147 additions and 3 deletions.
diff --git a/...ringframework/security/config/annotation/authentication/AuthenticationManagerBuilder.java b/...ringframework/security/config/annotation/authentication/AuthenticationManagerBuilder.java
@@ -26,6 +26,7 @@
 import org.springframework.security.config.annotation.authentication.ldap.LdapAuthenticationProviderConfigurator;
 import org.springframework.security.config.annotation.provisioning.InMemoryUserDetailsManagerSecurityBuilder;
 import org.springframework.security.config.annotation.provisioning.JdbcUserDetailsManagerConfigurator;
+import org.springframework.security.config.annotation.web.LifecycleManager;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.userdetails.UserDetailsService;
 
@@ -41,10 +42,22 @@
 public class AuthenticationManagerBuilder extends AbstractConfiguredSecurityBuilder<AuthenticationManager, AuthenticationManagerBuilder>
         implements SecurityBuilder<AuthenticationManager>, AuthenticationRegistry {
 
+    private LifecycleManager lifecycleManager;
+
     private AuthenticationManager parentAuthenticationManager;
     private List<AuthenticationProvider> authenticationProviders = new ArrayList<AuthenticationProvider>();
     private UserDetailsService defaultUserDetailsService;
 
+    /**
+     * Sets the {@link LifecycleManager} to be used on the {@link AuthenticationManagerBuilder}
+     * @param lifecycleManager
+     * @return the {@link AuthenticationManagerBuilder} for further customizations
+     */
+    public AuthenticationManagerBuilder lifecycleManager(LifecycleManager lifecycleManager) {
+        this.lifecycleManager = lifecycleManager;
+        return this;
+    }
+
     /**
      * Allows providing a parent {@link AuthenticationManager} that will be
      * tried if this {@link AuthenticationManager} was unable to attempt to
@@ -137,6 +150,7 @@ public <T extends UserDetailsService> DaoAuthenticationConfigurator<T> userDetai
     @Override
     public AuthenticationRegistry add(
             AuthenticationProvider authenticationProvider) {
+        authenticationProvider = registerLifecycle(authenticationProvider);
         this.authenticationProviders.add(authenticationProvider);
         return this;
     }
@@ -147,6 +161,10 @@ protected AuthenticationManager performBuild() throws Exception {
                 parentAuthenticationManager);
     }
 
+    private <T> T registerLifecycle(T object) {
+        return lifecycleManager == null ? object : lifecycleManager.registerLifecycle(object);
+    }
+
     /**
      * Gets the default {@link UserDetailsService} for the
      * {@link AuthenticationManagerBuilder}. The result may be null in some

diff --git a/src/main/java/org/springframework/security/config/annotation/web/LifecycleManager.java b/src/main/java/org/springframework/security/config/annotation/web/LifecycleManager.java
@@ -27,7 +27,7 @@
  * @author Rob Winch
  * @since 3.2
  */
-interface LifecycleManager {
+public interface LifecycleManager {
 
     /**
      * Initialize the object possibly returning a modified instance that should

diff --git a/...ain/java/org/springframework/security/config/annotation/web/WebSecurityConfiguration.java b/...ain/java/org/springframework/security/config/annotation/web/WebSecurityConfiguration.java
@@ -52,12 +52,15 @@
  */
 @Configuration
 public class WebSecurityConfiguration {
+    @Autowired
+    private AutowireCapableBeanFactory beanFactory;
+
     private final WebSecurityBuilder webSecurityBuilder = new WebSecurityBuilder();
 
     private List<SecurityConfigurator<FilterChainProxy, WebSecurityBuilder>> webSecurityConfigurers;
 
     @Bean
-    public LifecycleManager lifecycleManager(AutowireCapableBeanFactory beanFactory) {
+    public LifecycleManager lifecycleManager() {
         return new AutowireBeanFactoryLifecycleManager(beanFactory);
     }
 

diff --git a/...java/org/springframework/security/config/annotation/web/WebSecurityConfigurerAdapter.java b/...java/org/springframework/security/config/annotation/web/WebSecurityConfigurerAdapter.java
@@ -51,6 +51,16 @@ public abstract class WebSecurityConfigurerAdapter implements WebSecurityConfigu
     private HttpConfiguration http;
     private boolean disableDefaults;
 
+    /**
+     * Sets the {@link LifecycleManager} to be used on the {@link AuthenticationManagerBuilder}
+     *
+     * @param lifecycleManager
+     */
+    private void setLifecycleManager(LifecycleManager lifecycleManager) {
+        authenticationBuilder.lifecycleManager(lifecycleManager);
+        parentAuthenticationRegistry.lifecycleManager(lifecycleManager);
+    }
+
     /**
      * Creates an instance with the default configuration enabled.
      */
@@ -112,9 +122,10 @@ protected final HttpConfiguration getHttp() throws Exception {
         if(http != null) {
             return http;
         }
+        AutowireBeanFactoryLifecycleManager lifecycleManager = new AutowireBeanFactoryLifecycleManager(context.getAutowireCapableBeanFactory());
+        setLifecycleManager(lifecycleManager);
         AuthenticationManager authenticationManager = authenticationManager();
         authenticationBuilder.parentAuthenticationManager(authenticationManager);
-        AutowireBeanFactoryLifecycleManager lifecycleManager = new AutowireBeanFactoryLifecycleManager(context.getAutowireCapableBeanFactory());
         http = new HttpConfiguration(lifecycleManager,authenticationBuilder);
         http.setSharedObject(UserDetailsService.class, userDetailsService());
         if(!disableDefaults) {

diff --git a/src/test/groovy/org/springframework/security/config/annotation/BaseSpringSpec.groovy b/src/test/groovy/org/springframework/security/config/annotation/BaseSpringSpec.groovy
@@ -18,6 +18,7 @@ package org.springframework.security.config.annotation;
 import org.springframework.context.ConfigurableApplicationContext
 import org.springframework.context.annotation.AnnotationConfigApplicationContext
 import org.springframework.security.authentication.AuthenticationManager
+import org.springframework.security.authentication.AuthenticationProvider;
 import org.springframework.security.config.annotation.authentication.AuthenticationManagerBuilder;
 import org.springframework.security.core.context.SecurityContextHolder
 import org.springframework.security.web.FilterChainProxy
@@ -59,4 +60,14 @@ abstract class BaseSpringSpec extends Specification {
     AuthenticationManager authenticationManager() {
         context.getBean(AuthenticationManager)
     }
+
+    List<AuthenticationProvider> authenticationProviders() {
+        List<AuthenticationProvider> providers = new ArrayList<AuthenticationProvider>()
+        AuthenticationManager authenticationManager = authenticationManager().delegateBuilder.getObject()
+        while(authenticationManager?.providers) {
+            providers.addAll(authenticationManager.providers)
+            authenticationManager = authenticationManager.parent
+        }
+        providers
+    }
 }
diff --git a/...g/springframework/security/config/annotation/web/WebSecurityConfigurerAdapterTests.groovy b/...g/springframework/security/config/annotation/web/WebSecurityConfigurerAdapterTests.groovy
@@ -0,0 +1,101 @@
+/*
+ * Copyright 2002-2013 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.springframework.security.config.annotation.web;
+
+import static org.junit.Assert.*
+
+import javax.sql.DataSource
+
+import org.springframework.context.annotation.Bean
+import org.springframework.context.annotation.Configuration
+import org.springframework.jdbc.datasource.embedded.EmbeddedDatabaseBuilder
+import org.springframework.jdbc.datasource.embedded.EmbeddedDatabaseType
+import org.springframework.ldap.core.support.BaseLdapPathContextSource
+import org.springframework.security.authentication.AuthenticationManager
+import org.springframework.security.authentication.AuthenticationProvider;
+import org.springframework.security.config.annotation.BaseSpringSpec
+import org.springframework.security.config.annotation.authentication.AuthenticationRegistry
+import org.springframework.security.ldap.DefaultSpringSecurityContextSource
+
+/**
+ * @author Rob Winch
+ *
+ */
+class WebSecurityConfigurerAdapterTests extends BaseSpringSpec {
+
+    def "MessageSources populated on AuthenticationProviders"() {
+        when:
+            loadConfig(MessageSourcesPopulatedConfig)
+            List<AuthenticationProvider> providers = authenticationProviders()
+        then:
+            providers*.messages*.messageSource == [context,context,context,context]
+    }
+
+
+    @Configuration
+    @EnableWebSecurity
+    static class MessageSourcesPopulatedConfig extends WebSecurityConfigurerAdapter {
+        @Override
+        public void configure(WebSecurityBuilder builder)	throws Exception {
+            builder
+                .ignoring()
+                    .antMatchers("/ignore1","/ignore2");
+        }
+
+        @Bean
+        @Override
+        public AuthenticationManager authenticationManagerBean()
+                throws Exception {
+            return super.authenticationManagerBean();
+        }
+
+        @Override
+        protected void configure(HttpConfiguration http) throws Exception {
+            http
+                .antMatcher("/role1/**")
+                .authorizeUrls()
+                    .anyRequest().hasRole("1");
+        }
+
+        @Bean
+        public BaseLdapPathContextSource contextSource() throws Exception {
+            DefaultSpringSecurityContextSource contextSource = new DefaultSpringSecurityContextSource(
+                    "ldap://127.0.0.1:33389/dc=springframework,dc=org")
+            contextSource.userDn = "uid=admin,ou=system"
+            contextSource.password = "secret"
+            contextSource.afterPropertiesSet();
+            return contextSource;
+        }
+
+        @Bean
+        public DataSource dataSource() {
+            EmbeddedDatabaseBuilder builder = new EmbeddedDatabaseBuilder();
+            return builder.setType(EmbeddedDatabaseType.HSQL).build();
+        }
+
+        @Override
+        protected void registerAuthentication(AuthenticationRegistry registry)
+                throws Exception {
+            registry
+                .inMemoryAuthentication().and()
+                .jdbcUserDetailsManager()
+                    .dataSource(dataSource())
+                    .and()
+                .ldapAuthenticationProvider()
+                    .contextSource(contextSource())
+        }
+    }
+}