Spring-Boot-Security: Custom Authenticator

Tags: , , ,



I am starting with Spring-Boot and have an application with WebSecurity. Its working fine, I have InMemory Authentication with static user/passwords.

Now I have no need for DB or LDAP or …

@Override
public void configure (AuthenticationManagerBuilder auth) throws Exception
{
    auth.inMemoryAuthentication ()
        .withUser ("sam").
        .password (passwordEncoder ().encode ("secret"))
        .authorities ("ROLE_USER");
}

But I want to build a custom authenticator that uses dynamic data (e.g. password has current time in it).

How to implement a custom authenticator? How can I see username and password and implement a check?

Thanks for help!

Answer

To provide custom authentication you can refer to this link https://youtu.be/TNt3GHuayXs and for seeing the username and password to check you can use principal object like this

 Object principal= SecurityContextHolder.getContext().getAuthentication().getPrincipal();

Let me know if you need more info



Source: stackoverflow