SEC-2087: GlobalMethodSecurityBeanDefinitionParser.AuthenticationManagerDelegator attempts to get a bean using the concrete implementation #2321

Closed
spring-issuemaster opened this Issue Nov 28, 2012 · 1 comment

2 participants

@spring-issuemaster

Rigas Grigoropoulos (Migrated from SEC-2087) said:

In the authenticate method of the AuthenticationManagerDelegator inner class, it is attempted to get a bean of class org.springframework.security.authentication.ProviderManager.
In the Eclipse Virgo container when the AuthenticationManager is referenced as a service, the ProviderManager will be wrapped inside a Proxy class and the following Exception will be thrown:

Failed to call secure method org.springframework.beans.factory.BeanNotOfRequiredTypeException: Bean named 'authenticationManager' must be of type [org.springframework.security.authentication.ProviderManager], but was actually of type [$Proxy94]
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:360)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:197)
at org.springframework.security.config.method.GlobalMethodSecurityBeanDefinitionParser$AuthenticationManagerDelegator.authenticate(GlobalMethodSecurityBeanDefinitionParser.java:386)

The bean should be looked up by the org.springframework.security.authentication.AuthenticationManager interface.
The following change works properly for the described scenario.
Original code (at line 386):
try {
delegate = beanFactory.getBean(authMgrBean, ProviderManager.class);
} catch (NoSuchBeanDefinitionException e) {

Changed to:
try {
delegate = beanFactory.getBean(authMgrBean, AuthenticationManager.class);
} catch (NoSuchBeanDefinitionException e) {

@spring-issuemaster

Rob Winch said:

Thanks for taking the time to report this issue. This is fixed in both master and the 3.1.x branch

@spring-issuemaster spring-issuemaster added this to the 3.2.0 milestone Feb 5, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment