You are viewing the documentation for Blueriq 17. Documentation for other versions is available in our documentation directory.
Defining a customBean authentication provider
In the application.properties file only one property is expected for a customBean authentication provider:
blueriq.security.auth-providers.myAuthProvider01.type=customBean
The name of the authentication provider is used as the name of the Spring bean to lookup in the application context. Spring searches in the application context for a bean of the type org.springframework.security.authentication.AuthenticationProvider with (in this example) the name myAuthProvider01. So it is important that a bean with the specified name is available in the application context.
An implementation example of a custom AuthenticationProvider:
@Component
public class MyCustomAuthenticationProvider implements AuthenticationProvider {
@Override
public Authentication authenticate(Authentication authentication)
throws AuthenticationException {
String name = authentication.getName();
String password = authentication.getCredentials().toString();
if (shouldAuthenticateAgainstThirdPartySystem()) {
// use the credentials and authenticate against the third-party system
return new UsernamePasswordAuthenticationToken(name, password, new ArrayList<>());
} else {
return null;
}
}
@Override
public boolean supports(Class<?> authentication) {
return authentication.equals(UsernamePasswordAuthenticationToken.class);
}
}
@Configuration
public class SecurityConfigurationMyAuthProviderConfig {
@Bean
public AuthenticationProvider myAuthProvider01() {
return new MyCustomAuthenticationProvider();
}
}
Definening a custom Authentification
Overview
By default, Blueriq authentication manager can map roles, teams and custom claims(properties) when creating the user object from the authentication data.
Overview
Content Tools