Skip to content
Advertisement

Why do I have to set AuthenticationManager twice

In my application I’ve implemented X.509 authentication

I created the following class named X509AuthenticationFilter that extends AbstractPreAuthenticatedProcessingFilter provided by spring security by default.

I added my own AuthenticationManager to the class

private AuthenticationManager authenticationManager

And also included the following setter

public void setAuthenticationManager(AuthenticationManager authenticationManager)
{
    this.authenticationManager = authenticationManager;
}

The bean is initialized in the spring-security.xml like so:

<beans:bean id="x509AuthenticationFilter" class="com.example.sec.x509.X509AuthenticationFilter">
    <beans:property name="authenticationManager" ref="authenticationManager"/>
</beans:bean>

The bean named authenticationManager does exist and it’s present in the spring context.

However, given such configuration I get the following startup error:

An AuthenticationManager must be set

For some reason the AuthenticationManager is deliberately set to null in the superclass. Later on afterPropertiesSet() gets called and unfortunately throws the exception.

The only workaround I came up with is changing the setter in my own class to the following:

public void setAuthenticationManager(AuthenticationManager authenticationManager)
{
    super.setAuthenticationManager(authenticationManager);
    this.authenticationManager = authenticationManager;
}

Is there a better solution?

Advertisement

Answer

I added my own AuthenticationManager to the class

So you effectively shadowed existing authenticationManager instance declared in AbstractPreAuthenticatedProcessingFilter.

If you don’t need to access AuthenticationManager from within your X509AuthenticationFilter, just don’t declare it. If you do, you will have to call super setter as you’re already doing.

Maybe authenticationManager should be declared protected in AbstractPreAuthenticatedProcessingFilter, which would resolve this situation cleanly …

User contributions licensed under: CC BY-SA
9 People found this is helpful
Advertisement