SEC-1195: Change <http> parsing behaviour to use an internal AuthenticationManager instance #1443

Closed
spring-issuemaster opened this Issue Jul 8, 2009 · 2 comments

1 participant

@spring-issuemaster

Luke Taylor (Migrated from SEC-1195) said:

One of the complexities with parsing the namespace is that it is necessary to render the authentication providers created by the block with the single AuthenticationManager instance that is used. This makes it difficult to satisfy requests like that in SEC-1095, which wish to use a separately defined AuthenticationManager from a parent context. It also makes it difficult to allow multiple blocks, which we are moving towards as an option by removing the use of globally unique bean names for filters etc.

It should be possible for all the beans registered by the block to use an internal AuthenticationManager instance which ultimately delegates to the "parent" instance which contains the real providers which the user registers. One way to achieve this would be by introducing the concept of a parent in ProviderManager. The internal instance would also probably be responsible for concurrent session checking.

@spring-issuemaster

Luke Taylor said:

ProviderManager now has the option of being configured with a parent AuthenticationManager, and the block configures its own ProviderManager reference with a reference to the main one as the parent.

@spring-issuemaster spring-issuemaster added this to the 3.0.0 M2 milestone Feb 5, 2016
@spring-issuemaster

This issue is related to #1346

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment