-
Notifications
You must be signed in to change notification settings - Fork 5.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add getDelegate() method to ObservationAuthenticationManager #16071
base: main
Are you sure you want to change the base?
Add getDelegate() method to ObservationAuthenticationManager #16071
Conversation
@mtommila Please sign the Contributor License Agreement! Click here to manually synchronize the status of this Pull Request. See the FAQ for frequently asked questions. |
@mtommila Thank you for signing the Contributor License Agreement! |
Thanks for the suggestion, @mtommila. Instead of adding a getter to @Bean
AuthenticationManager authenticationManager(ObservationRegistry registry) {
// ... prepare authentication providers
ProviderManager toObserve = new ProviderManager(providers);
return new ObservationAuthenticationManager(registry, toObserve);
} In this way, you'd have direct access to the underlying manager in addition to having more access to its configuration. If that doesn't seem to help, can you tell me more about your situation and what you want to achieve by getting the delegate |
Hello, Constructing my own So, the In my glue logic, I need to get the existing, pre-configured The logic is something as follows:
Is there a better way to wrap the existing OIDC authentication provider? |
Gotcha. One of the strategies that can help when post-processing code that you don't have control over is registering an It looks something like this: http
.oauth2Login((oauth2) -> oauth2
.addObjectPostProcessor(new ObjectPostProcessor<>() {
@Override
public AuthenticationProvider postProcess(AuthenticationProvider provider) {
if (provider instanceof OidcAuthorizationCodeAuthenticationProvider oidc) {
return wrap(oidc);
}
return provider;
}
}
) What you return from the post-processor is the authentication provider that will get added. How well does that work for you? |
Hello, Yes, adding such an |
Add a getDelegate() method to ObservationAuthenticationManager to get the underlying AuthenticationManager.
This may be useful when configuring security if you need to get the ProviderManager to customize it. If you try to get it from HttpSecurity.getSharedObject(AuthenticationManager.class) but the ProviderManager has been wrapped with an ObservationAuthenticationManager then there's no easy way to get the ProviderManager otherwise.