Extra DaoAuthenticationProvider is created, despite I created own implementation #5364
Description
Summary
Spring security creates extra AuthenticationProvider.
Actual Behavior
I have configured custom AccountAuthenticationProvider but spring creates also provider org.springframework.security.authentication.dao.DaoAuthenticationProvider. Here is stacktrace when it is created:
<init>:66, DaoAuthenticationProvider (org.springframework.security.authentication.dao)
<init>:38, AbstractDaoAuthenticationConfigurer (org.springframework.security.config.annotation.authentication.configurers.userdetails)
<init>:41, DaoAuthenticationConfigurer (org.springframework.security.config.annotation.authentication.configurers.userdetails)
userDetailsService:187, AuthenticationManagerBuilder (org.springframework.security.config.annotation.authentication.builders)
userDetailsService:572, WebSecurityConfigurerAdapter$DefaultPasswordEncoderAuthenticationManagerBuilder (org.springframework.security.config.annotation.web.configuration)
configure:38, WebSecurityConfiguration (com.datenzentrale.gaalkis.bv.security.config)
authenticationManager:265, WebSecurityConfigurerAdapter (org.springframework.security.config.annotation.web.configuration)
getHttp:201, WebSecurityConfigurerAdapter (org.springframework.security.config.annotation.web.configuration)
init:321, WebSecurityConfigurerAdapter (org.springframework.security.config.annotation.web.configuration)
init:92, WebSecurityConfigurerAdapter (org.springframework.security.config.annotation.web.configuration)
init:-1, WebSecurityConfiguration$$EnhancerBySpringCGLIB$$eaf3f78 (com.datenzentrale.gaalkis.bv.security.config)
init:371, AbstractConfiguredSecurityBuilder (org.springframework.security.config.annotation)
doBuild:325, AbstractConfiguredSecurityBuilder (org.springframework.security.config.annotation)
build:41, AbstractSecurityBuilder (org.springframework.security.config.annotation)
springSecurityFilterChain:104, WebSecurityConfiguration (org.springframework.security.config.annotation.web.configuration)
CGLIB$springSecurityFilterChain$1:-1, WebSecurityConfiguration$$EnhancerBySpringCGLIB$$99fe336c (org.springframework.security.config.annotation.web.configuration)
invoke:-1, WebSecurityConfiguration$$EnhancerBySpringCGLIB$$99fe336c$$FastClassBySpringCGLIB$$6ac381d7 (org.springframework.security.config.annotation.web.configuration)
invokeSuper:228, MethodProxy (org.springframework.cglib.proxy)
intercept:361, ConfigurationClassEnhancer$BeanMethodInterceptor (org.springframework.context.annotation)
springSecurityFilterChain:-1, WebSecurityConfiguration$$EnhancerBySpringCGLIB$$99fe336c (org.springframework.security.config.annotation.web.configuration)
invoke0:-1, NativeMethodAccessorImpl (sun.reflect)
invoke:62, NativeMethodAccessorImpl (sun.reflect)
invoke:43, DelegatingMethodAccessorImpl (sun.reflect)
invoke:498, Method (java.lang.reflect)
instantiate:154, SimpleInstantiationStrategy (org.springframework.beans.factory.support)
instantiateUsingFactoryMethod:579, ConstructorResolver (org.springframework.beans.factory.support)
instantiateUsingFactoryMethod:1254, AbstractAutowireCapableBeanFactory (org.springframework.beans.factory.support)
createBeanInstance:1103, AbstractAutowireCapableBeanFactory (org.springframework.beans.factory.support)
doCreateBean:541, AbstractAutowireCapableBeanFactory (org.springframework.beans.factory.support)
createBean:501, AbstractAutowireCapableBeanFactory (org.springframework.beans.factory.support)
lambda$doGetBean$0:317, AbstractBeanFactory (org.springframework.beans.factory.support)
getObject:-1, 148780085 (org.springframework.beans.factory.support.AbstractBeanFactory$$Lambda$144)
getSingleton:228, DefaultSingletonBeanRegistry (org.springframework.beans.factory.support)
doGetBean:315, AbstractBeanFactory (org.springframework.beans.factory.support)
getBean:199, AbstractBeanFactory (org.springframework.beans.factory.support)
doGetBean:304, AbstractBeanFactory (org.springframework.beans.factory.support)
getBean:199, AbstractBeanFactory (org.springframework.beans.factory.support)
preInstantiateSingletons:760, DefaultListableBeanFactory (org.springframework.beans.factory.support)
finishBeanFactoryInitialization:869, AbstractApplicationContext (org.springframework.context.support)
refresh:550, AbstractApplicationContext (org.springframework.context.support)
refresh:140, ServletWebServerApplicationContext (org.springframework.boot.web.servlet.context)
refresh:759, SpringApplication (org.springframework.boot)
refreshContext:395, SpringApplication (org.springframework.boot)
run:327, SpringApplication (org.springframework.boot)
run:1255, SpringApplication (org.springframework.boot)
run:1243, SpringApplication (org.springframework.boot)
main:37, Application (com.datenzentrale.gaalkis.bv)
invoke0:-1, NativeMethodAccessorImpl (sun.reflect)
invoke:62, NativeMethodAccessorImpl (sun.reflect)
invoke:43, DelegatingMethodAccessorImpl (sun.reflect)
invoke:498, Method (java.lang.reflect)
run:49, RestartLauncher (org.springframework.boot.devtools.restart)
Expected Behavior
Only one provider should exists.
Configuration
I have own provider:
@Component
public class AccountAuthenticationProvider extends AbstractUserDetailsAuthenticationProvider {
//implementation
}
Here is configuration
@Configuration
public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {
private final UserDetailsService userDetailsService;
private final AccountAuthenticationProvider accountAuthenticationProvider;
public WebSecurityConfiguration(final UserDetailsService userDetailsService,
final AccountAuthenticationProvider accountAuthenticationProvider) {
this.userDetailsService = userDetailsService;
this.accountAuthenticationProvider = accountAuthenticationProvider;
}
@Override
protected void configure(final AuthenticationManagerBuilder auth) throws Exception {
auth.authenticationProvider(accountAuthenticationProvider);
auth.userDetailsService(userDetailsService);
}
}
Version
org.springframework.boot:spring-boot-starter-security:2.0.2.RELEASE:
org.springframework.security:spring-security-config:5.0.5.RELEASE
org.springframework.security:spring-security-web:5.0.5.RELEASE