Spring Security Custom Authentication Provider

  • Local db details :Postgresql 13.1, host- server1, port 5432, database — mydb1, users table — myuser
  • Windows AD server details: domain — example.examplegroup.co.in, IP Address — 192.168.1.25
  1. Add following dependencies to pom.xml file
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-ldap</artifactId>
</dependency>
<dependency>
<groupId>org.postgresql</groupId>
<artifactId>postgresql</artifactId>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-jpa</artifactId>
</dependency>
spring.datasource.url=jdbc:postgresql://server1:5432/mydb1
spring.datasource.username=pguser
spring.datasource.password=pguser
spring.jpa.show-sql = true
spring.jpa.hibernate.ddl-auto = update
@Entity
public class Myuser {
@Id
private String username;
// constructor, getters, setter methods
}
@Repository
public interface MyuserRepo extends JpaRepository<Myuser, String> {

}
@Service
@Transactional
public class MyuserService {

private final MyuserRepo myuserRepo;

public MyuserService(MyuserRepo myuserRepo) {
this.myuserRepo = myuserRepo;
}
// methods to check whether user exist in the table
public boolean ifExist(String username) {
Optional<Myuser> myuser = myuserRepo.findById(username);
return myuser.isPresent();
}
}
  • Authentication authenticate(Authentication authentication)
  • boolean supports(Class<?> authentication)
@Component
public class CustomAuthenticationProvider implements AuthenticationProvider {

private final MyuserService myuserService;
//constructor with field
public CustomAuthenticationProvider( MyuserService myuserService) {
super();
this.myuserService = myuserService;
}
//ActiveDirectoryLdapAuthenticationProvider Bean
@Bean
public AuthenticationProvider activeDirectoryLdapAuthenticationProvider(){

ActiveDirectoryLdapAuthenticationProvider adLdapProvider =
new ActiveDirectoryLdapAuthenticationProvider(
"example.examplegroup.co.in", "ldap://192.168.1.25");
adLdapProvider.setConvertSubErrorCodesToExceptions(true); return adLdapProvider;
}


@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
// get username
String username = authentication.getName();
//check whether user exist in myuser table
boolean ifPresent = epuserService.findOne(username);

if(ifPresent) {
return activeDirectoryLdapAuthenticationProvider()
.authenticate(authentication);
}
else throw new UsernameNotFoundException("User not found.");

}

@Override
public boolean supports(Class<?> authentication) {
return authentication
.equals(UsernamePasswordAuthenticationToken.class);
}

}
@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter{

private CustomAuthenticationProvider customAuthProvider;

//constructor
public WebSecurityConfig (CustomAuthenticationProvider customAuthProvider ) {
super();
this.customAuthProvider = customAuthProvider;
}

@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.anyRequest()
.fullyAuthenticated()
.and()
.formLogin();
}
@Override
protected void configure( AuthenticationManagerBuilder auth) throws Exception {
auth.authenticationProvider( customAuthProvider);
}

}

--

--

--

System Administrator and Full stack web developer.

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Getting started with free AWS Sagemaker Studio Lab

Accurate Meaning of 6.1K Full Form?

SKB — Scala List parallel

How to Find the Password of a WiFi Network | AirCrack-ng Tutorial

How to enable HTTPS on live server ( Visual Studio Code)

Developer Path #1 — Finding an Idea

Managing Terraform States in Remote Locations:

Examples for floating point errors in computers

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Himanshu Pratap

Himanshu Pratap

System Administrator and Full stack web developer.

More from Medium

Loan Payment System using Spring Boot — Fraction Interview Challenge

Add Auth0 authentication to a Java application using Datawiza in 5 mins

Create Rest API E-Wallet MVP (Spring Boot Basic — Part 1)

Offset Pagination for LDAP (Lightweight Directory Access Protocol) (Java)