java


Spring-Security with two authentication managers


<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:beans="http://www.springframework.org/schema/beans"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.2.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.0.xsd">
<http security="none" pattern="/resources/**"/>
<http use-expressions="true" auto-config="true" pattern="/rest/sales/**" authentication-manager-ref="salesAuth" disable-url-rewriting="true">
<intercept-url pattern="/rest/sales/**" access="hasRole('ROLE_SALESMANAGER')"/>
<form-login login-page="/rest/checkSales/salesLogin"
default-target-url="/rest/sales/getSalesManagerHome"
authentication-failure-url="/rest/checkSales/adminLogin?error"
username-parameter="emailId"
password-parameter="password"
login-processing-url="/auth/ogin_check"
always-use-default-target="true"
/>
<logout invalidate-session="true" logout-success-url="/rest/check/adminlogout" delete-cookies="JSESSIONID" />
<csrf />
</http>
<!-- enable use-expressions -->
<http auto-config="true" use-expressions="true" >
<headers>
<cache-control />
</headers>
<intercept-url pattern="/rest/admin/**" access="hasRole('ROLE_ADMIN')" />
<intercept-url pattern="/rest/sales/**" access="hasRole('ROLE_SALESMANAGER')" />
<form-login login-page="/rest/check/adminLogin"
default-target-url="/rest/admin/adminDashBoard"
authentication-failure-url="/rest/check/adminLogin?error"
username-parameter="emailId"
password-parameter="password"
login-processing-url="/auth/login_check"
always-use-default-target="true"
/>
<logout invalidate-session="true" logout-success-url="/rest/check/adminlogout" delete-cookies="JSESSIONID" />
<csrf />
</http>
<!-- Select users and user_roles from database -->
<authentication-manager erase-credentials="true">
<authentication-provider >
<password-encoder ref="encoder" />
<jdbc-user-service data-source-ref="dataSource"
users-by-username-query="select email_id,password, organization_staff_id from organization_staff where email_id=?"
authorities-by-username-query="select email_id, staff_type from organization_staff where email_id=?" />
</authentication-provider>
</authentication-manager>
<authentication-manager erase-credentials="true" alias="salesAuth">
<authentication-provider >
<password-encoder ref="encoder" />
<jdbc-user-service data-source-ref="dataSource"
users-by-username-query="select email_id,password, organization_staff_id from organization_staff where email_id=?"
authorities-by-username-query="select email_id, staff_type from organization_staff where email_id=?" />
</authentication-provider>
</authentication-manager>
<beans:bean id="encoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder">
<beans:constructor-arg name="strength" value="10" />
</beans:bean>
</beans:beans>
The problem is with second authentication-manager is overriding anthor authentication manager, i.e. always second authentication manager get executing. Here I am using two custom login pages for two different modules in my project, or tell me how to apply Spring Security for two custom login pages in one project.
You have to give your <authentication-manager> an id attribute not an alias, otherwise the second declaration overrides the first. And then I think you should remove the authentication-manager-ref attribute.
This has been asked on the old spring forum and answered by Luke Taylor (anyone who read Spring security source code will have seen his name a lot) here

Related Links

Wrong position of items after using a customAdapter
Issue adding Coinbase Exchange API Library to Eclipse Project
How to fix this infinite loop? (AP Computer Science)
Making a logarithmic spiral in Java
Problems with if/else statements nested in a while loop
Play framework 2.4 form fill does not work
After Compiling Project With Javafx Maven Plugin, Program Cant Locate Resources
Removing one object from multiple ArrayLists
How to inform method which comparision use
Positions of matrices
Android Toolbar Subtitlte to a String
Readkey() in java : how to do it?
How do I use different classes as member for one class?
Java: SplashScreen - Setting it up
How to select the first occurence of a word using java regex package.a
Counting the total of an int array

Categories

HOME
winforms
wso2-am
pypi
google-play
smarty
fft
yahoo-oauth
rubygems
electronics
installshield
fingerprint
opengl-es-2.0
ios-charts
nano-server
google-cloud-ml
circular-dependency
dtrace
fallback
ibm-odm
netflix
saxon
pc
angular-ui
interop
nhibernate-envers
samoa
google-cloud-speech
conemu
visjs
css-animations
wkwebview
dcevm
realex-payments-api
zurb-foundation-6
microsoft-r
emgucv
sparse-matrix
virtualdub
buck
wtx
facebook-apps
gitignore
unboundid
frame
noraui
framemaker
form-data
html5-fullscreen
ios5
plsql-psp
retina-display
automake
multilingual
mapzen
galen
nand2tetris
slick-3.0
termination
strptime
dandelion
datastax-startup
aurelia-validation
csound
magma
titanium-android
parallel-data-warehouse
libpng
thrust
react-native-listview
blackberry-10
make-install
two-factor-authentication
xpath-1.0
netmq
phpcas
uid
freedesktop.org
javax.sound.midi
qtableview
collapse
purge
dukescript
varargs
interrupted-exception
graph-drawing
generic-programming
sortedlist
npapi
sorl-thumbnail
terminfo
eol
p4java
undefined-reference
prettify
multiprocessor
cdc
quartz-graphics
random-seed
enterprisedb
e4x
armcc
coercion
yetanotherforum
android-sdk-2.1
asp.net-profiles
webkit.net
brewmp
libs
yagni
mediarss
commodore
ajax-forms

Resources

Mobile Apps Dev
Database Users
javascript
java
csharp
php
android
MS Developer
developer works
python
ios
c
html
jquery
RDBMS discuss
Cloud Virtualization
Database Dev&Adm
javascript
java
csharp
php
python
android
jquery
ruby
ios
html
Mobile App
Mobile App
Mobile App