Custom Authentication Provider
Bonjour,
J'ai besoin d'implémenter ma propre méthode d'authentification.
Pour cela, j'ai implémenté AuthenticationProvider, mais ma configuration ne semble pas bonne. L'authentification échoue systématiquement sans passer par le provider.
Ma conf SpringSecurity
Code:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
|
<http>
<intercept-url pattern="/pages/user/**" access="ROLE_USER"/>
<intercept-url pattern="/pages/admin/**" access="ROLE_ADMIN"/>
<form-login login-page="/pages/connexion.jsf"
default-target-url="/pages/accueil.jsf"
authentication-failure-url="/pages/loginfail.jsf"/>
<http-basic/>
</http>
<authentication-manager alias="authenticationManager">
<authentication-provider ref="authProvider"/>
</authentication-manager>
<beans:bean id="authProvider" class="security.MyAuthenticationProvider"/> |
Mon provider est tout simple pour l'instant
Code:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39
|
public class MyAuthenticationProvider
extends AbstractUserDetailsAuthenticationProvider {
//@Override
public UserDetails loadUserByUsername(String login)
throws UsernameNotFoundException, DataAccessException {
return new MyUserDetails(login, "password", RoleEnum.END_USER);
}
@Override
public Authentication authenticate(Authentication auth)
throws AuthenticationException {
Object login = auth.getPrincipal();
Object password = auth.getCredentials();
auth.setAuthenticated(login != null && password != null);
return auth;
}
@Override
public boolean supports(Class<? extends Object> arg0) {
return true;
}
@Override
protected void additionalAuthenticationChecks(UserDetails arg0,
UsernamePasswordAuthenticationToken arg1)
throws AuthenticationException {
}
@Override
protected UserDetails retrieveUser(String arg0,
UsernamePasswordAuthenticationToken arg1)
throws AuthenticationException {
return loadUserByUsername(arg0);
}
} |