spring-java-config - w3toppers.com

Custom Authentication provider with Spring Security and Java Config

The following does what you need (CustomAuthenticationProvider is your implementation which needs to be managed by Spring) @Configuration @EnableWebMvcSecurity public class WebSecurityConfig extends WebSecurityConfigurerAdapter { @Autowired private CustomAuthenticationProvider customAuthenticationProvider; @Override protected void configure(HttpSecurity http) throws Exception { /** * Do your stuff here */ } @Override protected void configure(AuthenticationManagerBuilder auth) throws Exception { auth.authenticationProvider(customAuthenticationProvider); } … Read more

disabling spring security in spring boot app [duplicate]

Use security.ignored property: security.ignored=/** security.basic.enable: false will just disable some part of the security auto-configurations but your WebSecurityConfig still will be registered. There is a default security password generated at startup Try to Autowired the AuthenticationManagerBuilder: @Override @Autowired protected void configure(AuthenticationManagerBuilder auth) throws Exception { … }

Configuring AspectJ aspects using Spring IoC with JavaConfig?

Turns out that there is an org.aspectj.lang.Aspects class to provide for specifically this purpose. It appears that the aspectOf() method is added by the LTW which is why it works fine in XML configuration, but not at compile time. To get around this limitation, org.aspectj.lang.Aspects provides a aspectOf() method: @Bean public com.xyz.profiler.Profiler profiler() { com.xyz.profiler.Profiler … Read more

How do I remove the ROLE_ prefix from Spring Security with JavaConfig?

Starting from Spring 4.2, you can define the prefix with a single bean, as described here: https://github.com/spring-projects/spring-security/issues/4134 @Bean GrantedAuthorityDefaults grantedAuthorityDefaults() { return new GrantedAuthorityDefaults(“”); // Remove the ROLE_ prefix } XML version: <beans:bean id=”grantedAuthorityDefaults” class=”org.springframework.security.config.core.GrantedAuthorityDefaults”> <beans:constructor-arg value=”” /> </beans:bean>

How to java-configure separate datasources for spring batch data and business data? Should I even do it?

Ok, this is strange but it works. Moving the datasources to it’s own configuration class works just fine and one is able to autowire. The example is a multi-datasource version of Spring Batch Service Example: DataSourceConfiguration: public class DataSourceConfiguration { @Value(“classpath:schema-mysql.sql”) private Resource schemaScript; @Bean @Primary public DataSource hsqldbDataSource() throws SQLException { final SimpleDriverDataSource dataSource … Read more

CharacterEncodingFilter don’t work together with Spring Security 3.2.0

We need to add CharacterEncodingFilter before filters who read request properties for the first time. There is securityFilterChain (stands second. after metrica filter) and we can add our filter inside it. The first filter (inside security chain) who reads properties is CsrfFilter, so we place CharacterEncodingFilter before it. The short solution is: @Configuration @EnableWebMvcSecurity public … Read more

Java Spring Security config – multiple authentication providers

May be this will help you :- @Configuration @EnableWebSecurity @Profile(“container”) public class XSecurityConfig extends WebSecurityConfigurerAdapter { @Autowired private AuthenticationProvider authenticationProvider; @Autowired private AuthenticationProvider authenticationProviderDB; @Override @Order(1) protected void configure(AuthenticationManagerBuilder auth) throws Exception { auth.authenticationProvider(authenticationProvider); } @Order(2) protected void configureGlobal(AuthenticationManagerBuilder auth) throws Exception { auth.authenticationProvider(authenticationProviderDB); } @Override public void configure(WebSecurity web) throws Exception { web .ignoring() … Read more

Spring Java Config: how do you create a prototype-scoped @Bean with runtime arguments?

In a @Configuration class, a @Bean method like so @Bean @Scope(“prototype”) public Thing thing(String name) { return new Thing(name); } is used to register a bean definition and provide the factory for creating the bean. The bean that it defines is only instantiated upon request using arguments that are determined either directly or through scanning … Read more

How To Inject AuthenticationManager using Java Configuration in a Custom Filter

Override method authenticationManagerBean in WebSecurityConfigurerAdapter to expose the AuthenticationManager built using configure(AuthenticationManagerBuilder) as a Spring bean: For example: @Bean(name = BeanIds.AUTHENTICATION_MANAGER) @Override public AuthenticationManager authenticationManagerBean() throws Exception { return super.authenticationManagerBean(); }