Spring Security Custom Authentication Provider

  • Local DB details: PostgreSQL 13.1, host — server1, port — 5432, database — mydb1, users table — myuser
  • Windows AD server details: domain — example.examplegroup.co.in, IP Address — 192.168.1.25
  1. Add the following dependencies to the pom.xml file
<!-- None of these entries has a <version>; presumably versions are managed by the
     Spring Boot parent/BOM of the project (confirm), so patch levels of the security
     libraries follow the Boot version in use. -->
<!-- Spring Security starter: filter chain, form login, AuthenticationProvider contract. -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<!-- LDAP module; supplies ActiveDirectoryLdapAuthenticationProvider used for the AD bind. -->
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-ldap</artifactId>
</dependency>
<!-- PostgreSQL JDBC driver; runtime scope because the code only touches it through JPA. -->
<dependency>
<groupId>org.postgresql</groupId>
<artifactId>postgresql</artifactId>
<scope>runtime</scope>
</dependency>
<!-- Spring Data JPA: entity mapping and the JpaRepository used for the local user lookup. -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-jpa</artifactId>
</dependency>
# Connection to the local PostgreSQL database that holds the table of permitted users.
# NOTE(review): no sslmode is set on this URL; confirm whether the link to server1 is encrypted.
spring.datasource.url=jdbc:postgresql://server1:5432/mydb1
# NOTE(review): the database credentials are written in clear text in this file (sample values).
# Outside a demo, supply them from the environment or a secret store and keep them out of
# version control. The login flow shown only reads the user table, so a read-only database
# account is presumably sufficient once the schema exists - confirm.
spring.datasource.username=pguser
spring.datasource.password=pguser
# Logs every SQL statement Hibernate issues; useful while developing, noisy in production logs.
spring.jpa.show-sql = true
# Lets Hibernate create/alter tables at startup to match the entities. The table involved here
# decides who may log in, so production schemas are better managed by reviewed migrations
# (and a setting such as validate or none).
spring.jpa.hibernate.ddl-auto = update
/**
 * JPA entity for one entry in the local table of users who are allowed to log in.
 *
 * <p>Only the username is visible in this listing; no password field is shown, which matches
 * the flow in which the password itself is verified by Active Directory. The rest of the class
 * is elided by the author.
 */
@Entity
public class Myuser {
// Primary key: the login name that is looked up before any directory bind is attempted.
@Id
private String username;
// constructor, getters, setter methods (omitted by the author)
}
/**
 * Spring Data repository for {@link Myuser}, keyed by the username string.
 *
 * <p>Declares no methods of its own; lookups use the operations inherited from
 * {@code JpaRepository}.
 */
@Repository
public interface MyuserRepo extends JpaRepository<Myuser, String> {

}
/**
 * Service in front of {@link MyuserRepo} that answers whether a username is present in the
 * local user table.
 */
@Service
@Transactional
public class MyuserService {

    private final MyuserRepo myuserRepo;

    /**
     * Creates the service.
     *
     * @param myuserRepo repository used for the username lookup
     */
    public MyuserService(MyuserRepo myuserRepo) {
        this.myuserRepo = myuserRepo;
    }

    /**
     * Checks whether a row with the given username exists.
     *
     * @param username login name to look up (used as the entity id)
     * @return {@code true} when the repository finds an entry for {@code username}
     */
    public boolean ifExist(String username) {
        return myuserRepo.findById(username).isPresent();
    }
}
  • Authentication authenticate(Authentication authentication)
  • boolean supports(Class<?> authentication)
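/**
 * Authentication provider that only lets a login reach Active Directory when the username is
 * present in the local user table.
 *
 * <p>Flow: read the username from the token, check it with {@link MyuserService#ifExist}, and
 * if it is known, delegate the credential check to an
 * {@code ActiveDirectoryLdapAuthenticationProvider}.
 */
@Component
public class CustomAuthenticationProvider implements AuthenticationProvider {

    private final MyuserService myuserService;

    /**
     * Creates the provider.
     *
     * @param myuserService service used to check the local user table
     */
    public CustomAuthenticationProvider(MyuserService myuserService) {
        super();
        this.myuserService = myuserService;
    }

    /**
     * Builds the provider that performs the bind against the AD domain.
     *
     * <p>NOTE(review): this class is a {@code @Component}, not a {@code @Configuration}, so the
     * call made from {@link #authenticate} is a plain method call and constructs a new provider
     * for every login attempt. The method also publishes the raw AD provider as an
     * {@code AuthenticationProvider} bean; any code that injects or collects such beans could
     * authenticate against AD without the local table check. Consider keeping the AD provider
     * private to this class.
     *
     * @return a provider configured for the domain and server given below
     */
    @Bean
    public AuthenticationProvider activeDirectoryLdapAuthenticationProvider() {
        // NOTE(review): with ldap:// the bind, and with it the user's password, crosses the
        // network without TLS. Prefer an ldaps:// URL with the domain controller's certificate
        // trusted by the JVM, and read domain and URL from configuration instead of hard-coding.
        ActiveDirectoryLdapAuthenticationProvider adLdapProvider =
                new ActiveDirectoryLdapAuthenticationProvider(
                        "example.examplegroup.co.in", "ldap://192.168.1.25");
        // Turns AD sub-error codes into specific exceptions; make sure the login page does not
        // show that detail (locked, disabled, expired) to unauthenticated clients.
        adLdapProvider.setConvertSubErrorCodesToExceptions(true);
        return adLdapProvider;
    }

    /**
     * Authenticates a username/password token.
     *
     * @param authentication the login request; its name is used as the username
     * @return the result of the Active Directory provider for a known user
     * @throws UsernameNotFoundException when the username is not in the local user table
     * @throws AuthenticationException when the Active Directory check fails
     */
    @Override
    public Authentication authenticate(Authentication authentication)
            throws AuthenticationException {
        String username = authentication.getName();

        // Local allow-list check. The listing originally called epuserService.findOne(...),
        // a name that is not declared anywhere in this class; the injected service and its
        // ifExist method are what the rest of the article defines.
        if (!myuserService.ifExist(username)) {
            // NOTE(review): this message differs from the one produced by a wrong password, so
            // anything that shows the exception text to the client reveals which usernames are
            // in the local table. Confirm the failure handling returns one generic message.
            throw new UsernameNotFoundException("User not found.");
        }

        return activeDirectoryLdapAuthenticationProvider().authenticate(authentication);
    }

    /**
     * Declares which token type this provider handles.
     *
     * @param authentication the token class offered by the authentication manager
     * @return {@code true} only for {@code UsernamePasswordAuthenticationToken} itself
     */
    @Override
    public boolean supports(Class<?> authentication) {
        return authentication.equals(UsernamePasswordAuthenticationToken.class);
    }
}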
/**
 * Web security setup: every request needs a fully authenticated user, login is done through
 * the form login page, and credentials are checked by {@link CustomAuthenticationProvider}.
 */
@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    private CustomAuthenticationProvider customAuthProvider;

    /**
     * Creates the configuration.
     *
     * @param customAuthProvider provider registered with the authentication manager
     */
    public WebSecurityConfig(CustomAuthenticationProvider customAuthProvider) {
        super();
        this.customAuthProvider = customAuthProvider;
    }

    /**
     * Registers the custom provider, so logins go through the local user check before the
     * directory is contacted.
     *
     * @param auth builder for the application's authentication manager
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.authenticationProvider(customAuthProvider);
    }

    /**
     * Requires full authentication for all requests and enables form login.
     *
     * @param http the HTTP security builder
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // No path is exempted: anyRequest() covers every URL handled by this filter chain.
        http.authorizeRequests().anyRequest().fullyAuthenticated();
        http.formLogin();
    }
}

Himanshu Pratap

Himanshu Pratap

System Administrator and Full stack web developer.