Examples of org.springframework.security.authentication.ProviderManager$NullEventPublisher

• org.springframework.security.authentication.ProviderManager
  Iterates an {@link Authentication} request through a list of {@link AuthenticationProvider}s.

  AuthenticationProviders are usually tried in order until one provides a non-null response. A non-null response indicates the provider had authority to decide on the authentication request and no further providers are tried. If a subsequent provider successfully authenticates the request, the earlier authentication exception is disregarded and the successful authentication will be used. If no subsequent provider provides a non-null response, or a new AuthenticationException, the last AuthenticationException received will be used. If no provider returns a non-null response, or indicates it can even process an Authentication, the ProviderManager will throw a ProviderNotFoundException. A parent {@code AuthenticationManager} can also be set, and this will also be tried if none of the configuredproviders can perform the authentication. This is intended to support namespace configuration options though and is not a feature that should normally be required.

  The exception to this process is when a provider throws an {@link AccountStatusException}, in which case no further providers in the list will be queried. Post-authentication, the credentials will be cleared from the returned {@code Authentication} object, if itimplements the {@link CredentialsContainer} interface. This behaviour can be controlled by modifying the{@link #setEraseCredentialsAfterAuthentication(boolean) eraseCredentialsAfterAuthentication} property.

  Event Publishing

  Authentication event publishing is delegated to the configured {@link AuthenticationEventPublisher} which defaultsto a null implementation which doesn't publish events, so if you are configuring the bean yourself you must inject a publisher bean if you want to receive events. The standard implementation is {@link DefaultAuthenticationEventPublisher}which maps common exceptions to events (in the case of authentication failure) and publishes an {@link org.springframework.security.authentication.event.AuthenticationSuccessEvent AuthenticationSuccessEvent} ifauthentication succeeds. If you are using the namespace then an instance of this bean will be used automatically by the <http> configuration, so you will receive events from the web part of your application automatically.

  Note that the implementation also publishes authentication failure events when it obtains an authentication result (or an exception) from the "parent" {@code AuthenticationManager} if one has been set. So in this situation, theparent should not generally be configured to publish events or there will be duplicates. @author Ben Alex @author Luke Taylor @see DefaultAuthenticationEventPublisher

    @Marker( SpringSecurityServices.class )
    public static AuthenticationManager buildAuthenticationManager( final List<AuthenticationProvider> providers )
            throws Exception {

        final ProviderManager manager = new ProviderManager(providers);
        manager.afterPropertiesSet();
        return manager;
    }

    @Marker( SpringSecurityServices.class )
    public static AuthenticationManager buildAuthenticationManager( final List<AuthenticationProvider> providers )
            throws Exception {

        final ProviderManager manager = new ProviderManager(providers);
        manager.afterPropertiesSet();
        return manager;
    }

    public void eventsArePublishedByDefault() throws Exception {
        setContext(CONTEXT);
        AuthListener listener = new AuthListener();
        appContext.addApplicationListener(listener);

        ProviderManager pm = (ProviderManager) appContext.getBeansOfType(ProviderManager.class).values().toArray()[0];
        Object eventPublisher = FieldUtils.getFieldValue(pm, "eventPublisher");
        assertNotNull(eventPublisher);
        assertTrue(eventPublisher instanceof DefaultAuthenticationEventPublisher);

        pm.authenticate(new UsernamePasswordAuthenticationToken("bob", "bobspassword"));
        assertEquals(1, listener.events.size());
    }

    }

    @Test
    public void credentialsAreClearedByDefault() throws Exception {
        setContext(CONTEXT);
        ProviderManager pm = (ProviderManager) appContext.getBeansOfType(ProviderManager.class).values().toArray()[0];
        assertTrue(pm.isEraseCredentialsAfterAuthentication());
    }

    }

    @Test
    public void clearCredentialsPropertyIsRespected() throws Exception {
        setContext("<authentication-manager erase-credentials='false'/>");
        ProviderManager pm = (ProviderManager) appContext.getBeansOfType(ProviderManager.class).values().toArray()[0];
        assertFalse(pm.isEraseCredentialsAfterAuthentication());
    }

    protected ProviderManager performBuild() throws Exception {
        if(!isConfigured()) {
            logger.debug("No authenticationProviders and no parentAuthenticationManager defined. Returning null.");
            return null;
        }
        ProviderManager providerManager = new ProviderManager(authenticationProviders, parentAuthenticationManager);
        if(eraseCredentials != null) {
            providerManager.setEraseCredentialsAfterAuthentication(eraseCredentials);
        }
        if(eventPublisher != null) {
            providerManager.setAuthenticationEventPublisher(eventPublisher);
        }
        providerManager = postProcess(providerManager);
        return providerManager;
    }

                "<authentication-manager>" +
                "  <authentication-provider>" +
                "    <jdbc-user-service cache-ref='userCache' data-source-ref='dataSource'/>" +
                "  </authentication-provider>" +
                "</authentication-manager>" + DATA_SOURCE + USER_CACHE_XML);
        ProviderManager mgr = (ProviderManager) appContext.getBean(BeanIds.AUTHENTICATION_MANAGER);
        DaoAuthenticationProvider provider = (DaoAuthenticationProvider) mgr.getProviders().get(0);
        assertSame(provider.getUserCache(), appContext.getBean("userCache"));
        provider.authenticate(new UsernamePasswordAuthenticationToken("rod","koala"));
        assertNotNull("Cache should contain user after authentication", provider.getUserCache().getUserFromCache("rod"));
    }

        ApplicationContext ctx =
                WebApplicationContextUtils.getRequiredWebApplicationContext(context);

        PasswordEncoder passwordEncoder = null;
        try {
            ProviderManager provider = (ProviderManager) ctx.getBean("org.springframework.security.authentication.ProviderManager#0");
            for (Object o : provider.getProviders()) {
                AuthenticationProvider p = (AuthenticationProvider) o;
                if (p instanceof RememberMeAuthenticationProvider) {
                    config.put("rememberMeEnabled", Boolean.TRUE);
                } else if (ctx.getBean("passwordEncoder") != null) {
                    passwordEncoder = (PasswordEncoder) ctx.getBean("passwordEncoder");

//                if (logger.isDebugEnabled()) {
//                    logger.debug("Previously Authenticated: " + authentication);
//                }
//                return authentication;
            }else{
              ProviderManager authenticationManager = (ProviderManager)StorageService.ctx.getBean("customAuthenticationManager");
              authentication = authenticationManager.authenticate(authentication);

                // We don't authenticated.setAuthentication(true), because each provider should do that
//                if (logger.isDebugEnabled()) {
//                    logger.debug("Successfully Authenticated: " + authentication);
//                }

            log.debug(bean);
        }*/

        PasswordEncoder passwordEncoder = null;
        try {
            ProviderManager provider = (ProviderManager) ctx.getBean("org.springframework.security.authentication.ProviderManager#0");
            for (Object o : provider.getProviders()) {
                AuthenticationProvider p = (AuthenticationProvider) o;
                if (p instanceof RememberMeAuthenticationProvider) {
                    config.put("rememberMeEnabled", Boolean.TRUE);
                } else if (ctx.getBean("passwordEncoder") != null) {
                    passwordEncoder = (PasswordEncoder) ctx.getBean("passwordEncoder");