SEC-2933: Wrong XML configuration snippet of ProviderManager in reference guide #3059

spring-projects-issues · 2015-04-08T02:08:40Z

Tomas Repel (Migrated from SEC-2933) said:

See http://docs.spring.io/spring-security/site/docs/4.0.x/reference/htmlsingle/#core-services-authentication-manager

There is XML code snippet using non-parametric constructor that has been deprecated in Spring Security 3.x and was removed in Spring Security 4.x:

<bean id="authenticationManager"
     class="org.springframework.security.authentication.ProviderManager">
<property name="providers">
    <list>
      <ref local="daoAuthenticationProvider"/>
      <ref local="anonymousAuthenticationProvider"/>
      <ref local="ldapAuthenticationProvider"/>
    </list>
</property>
</bean>

It should be fixed by using constructor argument instead of setting property.

<bean id="authenticationManager"
     class="org.springframework.security.authentication.ProviderManager">
<constructor-arg name="providers">
    <list>
      <ref local="daoAuthenticationProvider"/>
      <ref local="anonymousAuthenticationProvider"/>
      <ref local="ldapAuthenticationProvider"/>
    </list>
</constructor-arg>
</bean>

The text was updated successfully, but these errors were encountered:

spring-projects-issues closed this as completed Apr 22, 2015

spring-projects-issues added in: docs Closed type: bug type: jira labels Feb 5, 2016

spring-projects-issues assigned rwinch Feb 5, 2016

spring-projects-issues added this to the 4.0.1 milestone Feb 5, 2016

SEC-2933: Wrong XML configuration snippet of ProviderManager in reference guide #3059

SEC-2933: Wrong XML configuration snippet of ProviderManager in reference guide #3059

Comments

spring-projects-issues commented Apr 8, 2015