SEC-1812: Authentication Managers can not be overridden #2046

Closed
spring-issuemaster opened this Issue Sep 5, 2011 · 1 comment

1 participant

@spring-issuemaster

kunal dabir (Migrated from SEC-1812) said:

application-security.xml
security:authentication-manager
security:authentication-provider
security:user-service


/security:user-service
/security:authentication-provider
/security:authentication-manager

application-security-override.xml
security:authentication-manager

/security:authentication-manager

gives :
org.springframework.beans.factory.BeanDefinitionStoreException: Unexpected exception parsing XML document from class path resource [application-security.xml]; nested
exception is java.lang.IllegalStateException: AuthenticationManager has already been registered!

As one would expect with Plain Old Spring Beans (POSB ;-0), namespaced elements can not be overridden. I don't know if that's intentional, but poor user (like me) is taken by surprise to see it not working.

@spring-issuemaster

Luke Taylor said:

I've replace the assertion with a warning when the global AuthenticationManager is overwritten. Note that the changes in SEC-1847 may also be of interest.

@spring-issuemaster spring-issuemaster added this to the 3.1.0 milestone Feb 5, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment