Menu
As much as I have been able to determine it gets into infinite loop only when following bean is enabled on my . If this bean is enabled WebSecurityConfigurerAdapter extended class.
@Override
@Bean(name = "MyAuthManager")
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
With this bean enabled, if I enter bad credentials, it gets into infinite loop. I have custom authentication provider extending from AbstractUserDetailsAuthenticationProvider. This class, as per contract throws UsernameNotFoundException if user is not found. I can see calls coming to my retrieveUser continuously.
Removing @Bean annotation, makes it work properly. But I need to access authentication manager at some other place.
485
I don't understand all the mechanics of things get glued together, but authenticationManagerBean was big clue. Somehow when spring security created authentication manager chain, parent manager was set to self manager if I use authenticationManagerBean. My solution was to set parent authentication manager to null in during configuration. It must be my mistake or lack of my understanding somewhere
@Override
protected void configure(final AuthenticationManagerBuilder auth) throws Exception {
auth.parentAuthenticationManager(null);
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With