Results 1 to 2 of 2

Thread: Different authenticationDao for different URL Mappings

  1. Nov 11th, 2004, 12:51 PM #1
    mediaslave
    mediaslave is offline Junior Member
    Join Date
    Oct 2004
    Location
    Washington, DC
    Posts
    20

    Default Different authenticationDao for different URL Mappings

    Hello, I have a scenario where I have two types of users that need to be authenticated in different ways. User type A needs to be authenticated via Active Directory, and User Type B needs to be authenticated by a web service call. What I want to do is to have multiple url mappings and a different authenticationDao associated with each mapping.

    Is this correctly possible, and if so what would be the best way from me to do this?

    Thanks for any help,
    Tyler
  2. Nov 11th, 2004, 02:49 PM #2
    Ben Alex
    Ben Alex is offline Senior Member Spring Team
    Join Date
    Aug 2004
    Location
    Sydney, Australia
    Posts
    2,768

    Default

    Your SecurityEnforcementFilter can only launch one AuthenticationEntryPoint. So you'll probably need to write a custom AuthenticationEntryPoint to "launch" the appropriate authentication based on the URI. For example, launch AuthenticationProcessingFilterEntryPoint if an interactive user or BasicProcessingFilter if a web service. Then again, you could just decide all web services should know they need to present BASIC credentials and just use AuthenticationProcessingFilterEntryPoint outright.

    As for the different authentication mechanisms delegating to different authentication backends, your BasicProcessingFilter and AuthenticationProcessingFilter will process the authentication requests. It's probably easiest therefore to wire up separate AuthenticationManagers and AuthenticationProviders for each authentication mechanism, connecting the correct AuthenticationManager bean to the respective XxxxProcessingFilter.

    Alternatively, have both BasicProcessingFilter and AuthenticationProcessingFilter delegate to the standard single AuthenticationManager and the standard DaoAuthenticationProvider. Simply write a custom AuthenticationDao that can poll a series of AuthenticationDao beans. Thus a username will first try to be found against your (say) JdbcAuthenticationDao and then an ActiveDirectoryAuthenticationDao.

    Note also you might need to use PasswordDaoAuthenticationProvider rather than DaoAuthenticationProvider, as the Active Directory DAO might need both the username and password so it can attempt binding.
« Previous Thread | Next Thread »

Similar Threads

  1. Custom AuthenticationDao wiring question
    By feenixx in forum Security
    Replies: 2
    Last Post: Sep 24th, 2005, 04:56 AM
  2. Reloading servlet.xml handler mappings on the fly?
    By adcspring in forum Web
    Replies: 3
    Last Post: Sep 9th, 2005, 06:17 AM
  3. Hibernate based AuthenticationDao issues
    By rwallace in forum Security
    Replies: 12
    Last Post: Aug 10th, 2005, 02:00 PM
  4. Using different handler interceptors for different mappings
    By johnny2005 in forum Web
    Replies: 1
    Last Post: Feb 20th, 2005, 03:39 AM
  5. Problem with dynamically loading hibernate mappings files
    By biggs in forum Data
    Replies: 1
    Last Post: Jan 19th, 2005, 11:22 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules