Custom Authentication Provider - No AuthenticationProvider found
I am trying to use Spring Security with a custom Authentication Provider. I need to use a custom Authentication Provide becuase username/password validation needs to be done through the TopSecret API which exists on the mainframe which is exposed to a webservice.
When I try and login I keep getting a "No AuthenticationProvider found for org.springframework.security.authentication.Userna mePasswordAuthenticationToken.". There must be some disconnect that I am missing.
Code is as follows
This class isn't getting called. It is just implementing basic authentication for testing.Code:<?xml version="1.0" encoding="UTF-8"?> <beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd"> <http pattern="/css/**" security="none"/> <http pattern="/images/**" security="none"/> <http pattern="/js/**" security="none"/> <http pattern="/pages/Login.jsp*" security="none"/> <http auto-config='true'> <intercept-url pattern="/**" access="ROLE_USER" /> <form-login login-page="/pages/Login.jsp" authentication-failure-url="/pages/Login.jsp?login_error=1" default-target-url='/mainSearch.do' always-use-default-target='true'/> <session-management> <concurrency-control max-sessions="1" error-if-maximum-exceeded="true" /> </session-management> </http> <authentication-manager alias="authenticationManager"> <authentication-provider ref="topSecretAuthenticationProvider" /> </authentication-manager> <beans:bean id="topSecretAuthenticationProvider" class="com.ams.cms.security.TopSecretAuthenticationProvider" /> <!-- Automatically receives AuthenticationEvent messages --> <beans:bean id="loggerListener" class="org.springframework.security.authentication.event.LoggerListener"/> </beans:beans>
Any Ideas??Code:public class TopSecretAuthenticationProvider implements AuthenticationProvider { @SuppressWarnings("serial") private static Map<String, String> SIMPLE_USERS = new HashMap<String, String>(2) {{ put("joe", "joe"); put("bob", "bob"); }}; @SuppressWarnings("serial" ) private static List<GrantedAuthority> AUTHORITIES = new ArrayList<GrantedAuthority>(1) {{ add(new GrantedAuthorityImpl("ROLE_USER")); }}; @Override public Authentication authenticate(Authentication auth) throws AuthenticationException { // All your user authentication needs System.out.println("==Authenticate Me=="); if (SIMPLE_USERS.containsKey(auth.getPrincipal()) && SIMPLE_USERS.get(auth.getPrincipal()).equals(auth.getCredentials())) { return new UsernamePasswordAuthenticationToken(auth.getName(), auth.getCredentials(), AUTHORITIES); } throw new BadCredentialsException("Username/Password does not match for " + auth.getPrincipal()); } }
