8

Working on moving from spring security xml configuration to Java Config in Spring Security.

In my class SecurityConfiguration that extends WebSecurityConfigurerAdapter. However, the problem is that the userDetailsService is not being used by the security filters specifically the UsernamePasswordAuthenticationFilter. I looked at the startup and it seems that this is not created before Spring boots creates the default InMemoryUserDetailsManager.

@Configuration
@EnableWebMvcSecurity
@Order(SecurityProperties.ACCESS_OVERRIDE_ORDER)
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http)
      throws Exception {

      http.userDetailsService(userDetailsService);

    }
}

I have also tried to override the userDetailsServiceBean and userDetailsService in this class using the custom injected ApplicationUserDetailsService.

@Bean(name="myUserDetailsBean")
@Override
public UserDetailsService userDetailsServiceBean() {
    return userDetailsService;
}

@Override
public UserDetailsService userDetailsService() {

    return userDetailsService;
}

However, when I try to override the authenticationManagerBean it looks like it invokes my configuration before the spring boot configuration initializes but it throws an error (below) that there is a circular reference when initializing the UsernamePasswordAuthenticationFilter. Do I need really need to override the authenticationManagerBean because I need to define what goes into the UsernamePasswordAuthenticationFilter. 

@Bean(name="myAuthenticationManager")
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
    return super.authenticationManagerBean();
}

..

Caused by: org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter]: Circular reference involving containing bean 'securityBeansConfiguration' - consider declaring the factory method as static for independence from its containing instance. Factory method 'usernamePasswordAuthenticationFilter' threw exception; nested exception is java.lang.IllegalArgumentException: successHandler cannot be null
at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:189) ~[spring-beans-4.1.4.RELEASE.jar:4.1.4.RELEASE]
at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:588) ~[spring-beans-4.1.4.RELEASE.jar:4.1.4.RELEASE]
... 70 common frames omitted

Ideas?

Brian Hurley
  • 81
  • 1
  • 4

1 Answers1

-1

Hi there is simple way to override UserDetailsService

import com.dog.care.domain.User;
import com.dog.care.repository.UserRepository;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Component;
import org.springframework.transaction.annotation.Transactional;

import javax.inject.Inject;
import java.util.Optional;

@Component("userDetailsService")
public class UserDetailsService implements org.springframework.security.core.userdetails.UserDetailsService {

private final Logger log = LoggerFactory.getLogger(UserDetailsService.class);

@Inject
private UserRepository userRepository;

@Override
@Transactional
public UserDetails loadUserByUsername(final String login) {
    log.debug("Authenticating {}", login);
    String lowercaseLogin = login.toLowerCase();
    Optional<User> userFromDatabase =  userRepository.findOneByLogin(lowercaseLogin);
    return userFromDatabase.map(user -> {
        if (!user.getActivated()) {
            throw new UserNotActivatedException("User " + lowercaseLogin + " was not activated");
        }
        return new CustomUserDetails(user);
    }).orElseThrow(() -> new UsernameNotFoundException("User " + lowercaseLogin + " was not found in the database"));
}
}

This is important: @Component("userDetailsService")

Thanks Aleksandar

abosancic
  • 1,776
  • 1
  • 15
  • 21