|
41 | 41 | import org.springframework.security.access.expression.SecurityExpressionHandler;
|
42 | 42 | import org.springframework.security.access.hierarchicalroles.RoleHierarchy;
|
43 | 43 | import org.springframework.security.access.hierarchicalroles.RoleHierarchyImpl;
|
| 44 | +import org.springframework.security.authentication.AuthenticationManager; |
| 45 | +import org.springframework.security.authentication.AuthenticationProvider; |
| 46 | +import org.springframework.security.authentication.ProviderManager; |
44 | 47 | import org.springframework.security.authentication.TestingAuthenticationToken;
|
| 48 | +import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; |
45 | 49 | import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
46 | 50 | import org.springframework.security.config.annotation.authentication.configuration.EnableGlobalAuthentication;
|
47 | 51 | import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
48 | 52 | import org.springframework.security.config.annotation.web.builders.WebSecurity;
|
49 | 53 | import org.springframework.security.config.test.SpringTestRule;
|
50 | 54 | import org.springframework.security.config.users.AuthenticationTestConfiguration;
|
51 | 55 | import org.springframework.security.core.Authentication;
|
| 56 | +import org.springframework.security.core.AuthenticationException; |
52 | 57 | import org.springframework.security.web.FilterChainProxy;
|
53 | 58 | import org.springframework.security.web.FilterInvocation;
|
54 | 59 | import org.springframework.security.web.SecurityFilterChain;
|
@@ -253,7 +258,6 @@ public void loadConfigWhenBothAdapterAndFilterChainConfiguredThenException() {
|
253 | 258 | .isThrownBy(() -> this.spring.register(AdapterAndFilterChainConfig.class).autowire())
|
254 | 259 | .withRootCauseExactlyInstanceOf(IllegalStateException.class)
|
255 | 260 | .withMessageContaining("Found WebSecurityConfigurerAdapter as well as SecurityFilterChain.");
|
256 |
| - |
257 | 261 | }
|
258 | 262 |
|
259 | 263 | @Test
|
@@ -326,6 +330,19 @@ public void loadConfigWhenCustomizerAndAdapterConfigureWebSecurityThenBothConfig
|
326 | 330 | assertThat(filterChains.get(1).getFilters()).isEmpty();
|
327 | 331 | }
|
328 | 332 |
|
| 333 | + @Test |
| 334 | + public void loadConfigWhenMultipleAuthenticationManagersAndWebSecurityConfigurerAdapterThenConfigurationApplied() { |
| 335 | + this.spring.register(MultipleAuthenticationManagersConfig.class).autowire(); |
| 336 | + FilterChainProxy filterChainProxy = this.spring.getContext().getBean(FilterChainProxy.class); |
| 337 | + List<SecurityFilterChain> filterChains = filterChainProxy.getFilterChains(); |
| 338 | + assertThat(filterChains).hasSize(2); |
| 339 | + MockHttpServletRequest request = new MockHttpServletRequest("GET", ""); |
| 340 | + request.setServletPath("/role1"); |
| 341 | + assertThat(filterChains.get(0).matches(request)).isTrue(); |
| 342 | + request.setServletPath("/role2"); |
| 343 | + assertThat(filterChains.get(1).matches(request)).isTrue(); |
| 344 | + } |
| 345 | + |
329 | 346 | @EnableWebSecurity
|
330 | 347 | @Import(AuthenticationTestConfiguration.class)
|
331 | 348 | static class SortedWebSecurityConfigurerAdaptersConfig {
|
@@ -834,4 +851,72 @@ public void configure(WebSecurity web) throws Exception {
|
834 | 851 |
|
835 | 852 | }
|
836 | 853 |
|
| 854 | + @EnableWebSecurity |
| 855 | + static class MultipleAuthenticationManagersConfig { |
| 856 | + |
| 857 | + @Bean("authManager1") |
| 858 | + static AuthenticationManager authenticationManager1() { |
| 859 | + return new ProviderManager(new AuthenticationProvider() { |
| 860 | + @Override |
| 861 | + public Authentication authenticate(Authentication authentication) throws AuthenticationException { |
| 862 | + return new UsernamePasswordAuthenticationToken("user", "credentials"); |
| 863 | + } |
| 864 | + |
| 865 | + @Override |
| 866 | + public boolean supports(Class<?> authentication) { |
| 867 | + return false; |
| 868 | + } |
| 869 | + }); |
| 870 | + } |
| 871 | + |
| 872 | + @Bean("authManager2") |
| 873 | + static AuthenticationManager authenticationManager2() { |
| 874 | + return new ProviderManager(new AuthenticationProvider() { |
| 875 | + @Override |
| 876 | + public Authentication authenticate(Authentication authentication) throws AuthenticationException { |
| 877 | + return new UsernamePasswordAuthenticationToken("subuser", "credentials"); |
| 878 | + } |
| 879 | + |
| 880 | + @Override |
| 881 | + public boolean supports(Class<?> authentication) { |
| 882 | + return false; |
| 883 | + } |
| 884 | + }); |
| 885 | + } |
| 886 | + |
| 887 | + @Configuration |
| 888 | + @Order(1) |
| 889 | + public static class SecurityConfig1 extends WebSecurityConfigurerAdapter { |
| 890 | + |
| 891 | + @Override |
| 892 | + protected AuthenticationManager authenticationManager() { |
| 893 | + return authenticationManager1(); |
| 894 | + } |
| 895 | + |
| 896 | + @Override |
| 897 | + protected void configure(HttpSecurity http) throws Exception { |
| 898 | + // @formatter:off |
| 899 | + http |
| 900 | + .antMatcher("/role1/**") |
| 901 | + .authorizeRequests((authorize) -> authorize |
| 902 | + .anyRequest().hasRole("1") |
| 903 | + ); |
| 904 | + // @formatter:on |
| 905 | + } |
| 906 | + |
| 907 | + } |
| 908 | + |
| 909 | + @Configuration |
| 910 | + @Order(2) |
| 911 | + public static class SecurityConfig2 extends WebSecurityConfigurerAdapter { |
| 912 | + |
| 913 | + @Override |
| 914 | + protected AuthenticationManager authenticationManager() { |
| 915 | + return authenticationManager2(); |
| 916 | + } |
| 917 | + |
| 918 | + } |
| 919 | + |
| 920 | + } |
| 921 | + |
837 | 922 | }
|
0 commit comments