- Hands-On Spring Security 5 for Reactive Applications
- Tomcy John
- 140字
- 2021-07-23 18:59:19
Custom AuthenticationProvider
If needs be, we can write a custom AuthenticationProvider by implementing the AuthenticationProvider interface. We will have to implement two methods, namely authenticate (Authentication) and supports(Class<?> aClass):
@Component
public class CustomAuthenticationProvider implements AuthenticationProvider {
@Override
public Authentication authenticate(Authentication authentication) throws
AuthenticationException {
String username = authentication.getName();
String password = authentication.getCredentials().toString();
if ("user".equals(username) && "password".equals(password)) {
return new UsernamePasswordAuthenticationToken
(username, password, Collections.emptyList());
} else {
throw new BadCredentialsException("Authentication failed");
}
}
@Override
public boolean supports(Class<?> aClass) {
return aClass.equals(UsernamePasswordAuthenticationToken.class);
}
}
Our authenticate method is quite simple. We just compare the username and password with a static value. We can write any logic here and authenticate the user. If there is an error, it throws an exception, AuthenticationException.
On the book's GitHub page, navigate to the jetty-in-memory-basic-custom-authentication project to see the full source code of this class.
推薦閱讀
- Mobile Forensics Cookbook
- INSTANT Netcat Starter
- 工業互聯網安全
- Learning Python for Forensics
- CSO進階之路:從安全工程師到首席安全官
- 隱私計算
- 華為防火墻實戰指南
- Learning Pentesting for Android Devices
- Mastering Python for Networking and Security
- INSTANT Kali Linux
- 數字銀行安全體系構建
- CPK通向賽博安全之路:理論與實踐CPK Solution to Cyber Security:Theory and Practice
- 黑客攻防從入門到精通:絕招版(第2版)
- Python Penetration Testing Essentials
- 網絡安全與維護