I think there is no need at this point to change the implementations. I figured I want to use our own user database and for this I'll need to replace teh authentication provider. So I switched to our own authentication provider which works for a basic spring security setup without oauth. Unfortunatelty, with OAuth, it does not work any more.... any ideas?
Code:
<authentication-manager>
<authentication-provider ref="coreAuthenticationProvider"/>
<!--
<authentication-provider>
<user-service>
<user name="sven" password="nevs" authorities="ROLE_USER, ROLE_ADMIN" />
<user name="demo" password="1234" authorities="ROLE_USER" />
</user-service>
</authentication-provider>
-->
</authentication-manager>
<beans:bean id="coreAuthenticationProvider" class="...MyAuthenticationProvider">
<beans:property name="userDetailsService" ref="coreUserDetailsService" />
</beans:bean>
<beans:bean id="coreUserDetailsService" class="...CoreUserDetailsService" />
I digged into our authentication provider and found the supports method. I got the feeling the provider simply feels not responsible for handlinig oauth requests, returns false here and then no other provider is there... I find it a bit strange that spring does not throw an exception in this case, I would have expected that.
this is the supports method of the provider:
Code:
@Override
public boolean supports(final Class authentication)
{
log.debug(authentication.getClass().getName());
final boolean supports = (RememberMeAuthenticationToken.class.isAssignableFrom(authentication))
|| (UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication));
return supports;
}
If anyone does know another reason why this might fail please let me know!
Thanx!
Member
Provider request filters - automatically registered/
Posting Permissions
Reply With Quote