I am starting with Spring-Boot and have an application with WebSecurity. Its working fine, I have InMemory Authentication with static user/passwords.
Now I have no need for DB or LDAP or …
@Override
public void configure (AuthenticationManagerBuilder auth) throws Exception
{
auth.inMemoryAuthentication ()
.withUser ("sam").
.password (passwordEncoder ().encode ("secret"))
.authorities ("ROLE_USER");
}
But I want to build a custom authenticator that uses dynamic data (e.g. password has current time in it).
How to implement a custom authenticator? How can I see username and password and implement a check?
Thanks for help!
Advertisement
Answer
To provide custom authentication you can refer to this link https://youtu.be/TNt3GHuayXs and for seeing the username and password to check you can use principal object like this
Object principal= SecurityContextHolder.getContext().getAuthentication().getPrincipal();
Let me know if you need more info