java - Using multiple WebSecurityConfigurerAdapter with different AuthenticationProviders (basic auth for API and LDAP for web app)


According to the Spring Security Reference, section 5.7, it should be possible to define more than one security adapter.

I tried the same, without success. After a server reboot, the first x times the API works fine with basic auth, but after a couple of times I'm redirected to the login (form) page, which should happen for our web app, not for API calls.

My code:

    import org.springframework.beans.factory.annotation.Autowired;
    import org.springframework.context.annotation.Bean;
    import org.springframework.context.annotation.Configuration;
    import org.springframework.core.annotation.Order;
    import org.springframework.core.env.Environment;
    import org.springframework.security.authentication.AuthenticationProvider;
    import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
    import org.springframework.security.config.annotation.web.builders.HttpSecurity;
    import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
    import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

    // API_ROLE and CustomLdapAuthenticationProvider are defined elsewhere in the project (not shown in the post).
    @EnableWebSecurity
    public class MultiHttpSecurityConfig {

        @Configuration
        @Order(1)
        public static class ApiWebSecurityConfigurationAdapter extends WebSecurityConfigurerAdapter {

            @Autowired
            private Environment env;

            @Autowired
            public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
                auth.inMemoryAuthentication().
                    withUser("admin").password("pw_test").roles(API_ROLE);
            }

            protected void configure(HttpSecurity http) throws Exception {
                http
                  .antMatcher("/services/**")
                  .authorizeRequests()
                  .anyRequest().hasRole(API_ROLE)
                  .and()
                  .httpBasic()
                  .and()
                  .csrf()
                  .disable();
            }
        }

        @Configuration
        @Order(2)
        public static class FormLoginWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter {

            @Autowired
            private Environment env;

            @Autowired
            public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
                auth.authenticationProvider(activeDirectoryLdapAuthenticationProvider());
                auth.eraseCredentials(false);
            }

            @Override
            protected void configure(HttpSecurity http) throws Exception {
                // LDAP form authentication
                http.authorizeRequests()
                    .antMatchers("/login.html").permitAll()
                    .antMatchers("/css/**").permitAll()
                    .antMatchers("/js/**").permitAll()
                    .antMatchers("/images/**").permitAll()
                    .anyRequest().authenticated()
                .and().formLogin()
                    .failureUrl("/login.html?error=1")
                    .loginPage("/login.html")
                    .loginProcessingUrl("/j_spring_security_check")
                    .defaultSuccessUrl("/success.html")
                    .usernameParameter("j_username")
                    .passwordParameter("j_password")
                    .permitAll();

                http.csrf().disable();

                // iframes settings
                http
                    .headers()
                    .frameOptions().sameOrigin()
                    .httpStrictTransportSecurity().disable();

                // HTTPS
                http
                    .requiresChannel()
                    .anyRequest()
                    .requiresSecure();

                // Map 8080 to HTTPS port
                http.portMapper().http(8080).mapsTo(443);
            }

            @Bean
            public AuthenticationProvider activeDirectoryLdapAuthenticationProvider() {
                CustomLdapAuthenticationProvider provider = new CustomLdapAuthenticationProvider(env.getProperty("ldap.domain"), env.getProperty("ldap.url"), env.getProperty("ldap.base"));
                provider.setConvertSubErrorCodesToExceptions(true);
                provider.setUseAuthenticationRequestCredentials(true);
                return provider;
            }
        }
    }

Any idea?

I'm using Spring Boot version 1.4.1-RELEASE, Spring Security version 4.1.3-RELEASE.

You use the same AuthenticationManager for both configurations, because you autowire the same AuthenticationManagerBuilder.

See Spring Security Architecture:

    @Configuration
    public class ApplicationSecurity extends WebSecurityConfigurerAdapter {

        // ... web stuff here

        // Autowired method: configures the global (parent) AuthenticationManager
        @Autowired
        public void initialize(AuthenticationManagerBuilder builder, DataSource dataSource) throws Exception {
            builder.jdbcAuthentication().dataSource(dataSource).withUser("dave")
                .password("secret").roles("USER");
        }

    }

This example relates to a web application, but the usage of AuthenticationManagerBuilder is more widely applicable (see below for more detail on how web application security is implemented). Note that the AuthenticationManagerBuilder is @Autowired into a method in a @Bean - that is what makes it build the global (parent) AuthenticationManager. In contrast, if we had done it this way:

    @Configuration
    public class ApplicationSecurity extends WebSecurityConfigurerAdapter {

        @Autowired
        DataSource dataSource;

        // ... web stuff here

        // Overridden method: configures a local AuthenticationManager for this adapter
        @Override
        public void configure(AuthenticationManagerBuilder builder) throws Exception {
            builder.jdbcAuthentication().dataSource(dataSource).withUser("dave")
                .password("secret").roles("USER");
        }

    }

(using an @Override of a method in the configurer) then the AuthenticationManagerBuilder is used to build a "local" AuthenticationManager, which is a child of the global one.

