Configure JDBC Authentication in Spring Boot
Question
Goal: Add jdbc authentication to spring boot with default security configurations.
Source can be found here
Per Spring Boot Docs
configure the global AuthenticationManager by autowiring an AuthenticationManagerBuilder into a method in one of your @Configuration classes
and Spring Security Docs with example:
@Autowired
private DataSource dataSource;
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth
.jdbcAuthentication()
.dataSource(dataSource)
.withDefaultSchema()
.withUser("user").password("password").roles("USER").and()
.withUser("admin").password("password").roles("USER", "ADMIN");
}
Given the above, added the following ( found here ):
@Configuration
@EnableAuthorizationServer
@EnableResourceServer
public class AuthenticationManagerConfig {
@Autowired
private DataSource dataSource;
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.jdbcAuthentication()
.dataSource(dataSource)
.withDefaultSchema()
.withUser("user").password("password").roles("ROLE_USER").and()
.withUser("admin").password("password").roles("ROLE_USER", "ROLE_ADMIN");
}
}
with resulting error:
java.lang.IllegalStateException: Cannot apply org.springframework.security.config.annotation.authentication.configurers.provisioning.JdbcUserDetailsManagerConfigurer@13404f75 to already built object
and further up the logs, we can see the auto config doing it's thing when it shouldn't be:
2016-02-02 22:52:48.047 DEBUG 30487 --- [ost-startStop-1] eGlobalAuthenticationAutowiredConfigurer : Eagerly initializing {org.springframework.boot.autoconfigure.security.SpringBootWebSecurityConfiguration=org.springframework.boot.autoconfigure.security.SpringBootWebSecurityConfiguration$$EnhancerBySpringCGLIB$$627430a8@78acaa86}
2016-02-02 22:52:48.074 DEBUG 30487 --- [ost-startStop-1] .s.BootGlobalAuthenticationConfiguration : Eagerly initializing {user=com.msyla.usergreeter.user.User$$EnhancerBySpringCGLIB$$3cd414fd@73128671, coreConfig=com.msyla.usergreeter.user.core.config.CoreConfig$$EnhancerBySpringCGLIB$$30c07250@6ed3c66b}
2016-02-02 22:52:48.095 INFO 30487 --- [ost-startStop-1] b.a.s.AuthenticationManagerConfiguration :
Using default security password: 5b33158f-156d-43f4-892f-6c452f15e1cc
Question: All that is being asked here is to have default boot configurations with the exception of where the user is being stored, jdbc instead of in memory. Am I doing it incorrectly? Are the docs wrong? I have tried several other routes to no avail.
Thanks in advance!
2 answers
solution1
2 ACCPTED 2016-02-05 13:37:00
After much work, I recalled how to properly work with spring, that is to step through their code to get a better understanding in surgically addressing my needs. With some investigation, determined the class in need of modification/extension. Resulting in:
@Configuration
@EnableAuthorizationServer
@EnableResourceServer
public class AuthenticationManagerConfig extends GlobalAuthenticationConfigurerAdapter {
@Autowired
private DataSource dataSource;
@Override
public void init(AuthenticationManagerBuilder auth) throws Exception {
auth.jdbcAuthentication().dataSource(dataSource);
}
}
The above will instruct spring to look up via jdbc while keeping everthing else auto configured.
solution2
0 2016-02-03 03:27:36
if you want to override the default security configuration, make sure you are extending the WebSecurityConfigurerAdapter class
@Configuration
@EnableAuthorizationServer
@EnableResourceServer
public class AuthenticationManagerConfig extends WebSecurityConfigurerAdapter
{
// ...
}
and remove the prefix ROLE_ on your role definition, it will added automatically by spring.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.