-
Notifications
You must be signed in to change notification settings - Fork 5.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
In the case of multiple providers, the AuthenticationManager will display StackOverflow #14226
Comments
I found a way to find all the providers
|
Hi, @zhangpan-soft. I think that problem is a duplicate of #12343. Can you read the related issues, apply the suggested fixes and read this section of the docs https://docs.spring.io/spring-security/reference/servlet/authentication/passwords/index.html#customize-global-authentication-manager That should give you a good idea of how to solve that. I'm closing this since it is not a bug in Spring Security; however, after going through all those issues you still think this is a bug, we can reopen this ticket. |
It is this principle, in the second clause of #12343, but I have seen that it was proposed in 2021 and seems to have been resolved. However, I still encounter this problem using the latest Springboot security I don't think this problem has been fundamentally solved You can only use Spring Boot Security without using oauth2, as this issue is not related to oauth2 |
This is my configuration core code. I have removed other implementations such as controllers and need to make a simple modification I have used a custom package and need to download it through settings.xml |
Need to change IP address to https://nexus.51000.net |
The problem has been resolved by guiding users on not using the If you think there is a bug, please provide a minimal, reproducible sample, where the dependencies are all resolved from Maven Central. |
thank you. I understand |
SpringBoot -> 3.1.4
Reproduction steps:
1: Define AuthenticationManager, using only the default
2: Define providers, such as UsernamePasswordProvider, PhoneSmsProvider
3: Turn off default form authentication, customize form authentication, and add it to HttpSecurity
4: When we run, we will find that AuthenticationManager has entered a dead loop StackOverflowError generated
5: My solution is to modify the generation method of AuthenticationManager, block the default AuthenticationManager, customize ProviderManager, run it again, and the problem is resolved
6: Therefore, I think it should be a bug in multiple providers Because I think it's common for it to support multiple providers, and although I have solved this problem, every time I add a new provider, I need to inject it into the AuthenticationManager instead of automatically, which is a very annoying thing. Therefore, I want to solve this problem or find a way to get all the providers so that I don't have to modify the ProviderManager every time
The text was updated successfully, but these errors were encountered: