Refactor AuthenticationManagerConfiguration to make sure it works

if user also adds @EnableWebMvcSecurity. The problem is that the ordering
of the init() and configure() methods in the Spring Security configurers
can force things to happen too early unless we are careful. It's still a bit
twitchy I would say, but this relatively small change seems to fix the GS guide
and not break any existing tests.

I added a sample which mimic ths GS guide so we get an integration test that
executes the new code paths.

Fixes gh-1364
This commit is contained in:
Dave Syer
2014-08-11 17:39:35 -07:00
parent 9a7a4a46c9
commit 0cf1c6f0e5
13 changed files with 402 additions and 36 deletions

View File

@@ -28,7 +28,6 @@ import org.springframework.context.annotation.PropertySource;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContextHolder;
@@ -58,8 +57,8 @@ public class SampleSecureApplicationTests {
@Before
public void init() {
AuthenticationManager authenticationManager = this.context.getBean(
AuthenticationManagerBuilder.class).getOrBuild();
AuthenticationManager authenticationManager = this.context
.getBean(AuthenticationManager.class);
this.authentication = authenticationManager
.authenticate(new UsernamePasswordAuthenticationToken("user", "password"));
}