- Hands-On Spring Security 5 for Reactive Applications
- Tomcy John
- 140字
- 2021-07-23 18:59:19
Custom AuthenticationProvider
If needs be, we can write a custom AuthenticationProvider by implementing the AuthenticationProvider interface. We will have to implement two methods, namely authenticate (Authentication) and supports(Class<?> aClass):
@Component
public class CustomAuthenticationProvider implements AuthenticationProvider {
@Override
public Authentication authenticate(Authentication authentication) throws
AuthenticationException {
String username = authentication.getName();
String password = authentication.getCredentials().toString();
if ("user".equals(username) && "password".equals(password)) {
return new UsernamePasswordAuthenticationToken
(username, password, Collections.emptyList());
} else {
throw new BadCredentialsException("Authentication failed");
}
}
@Override
public boolean supports(Class<?> aClass) {
return aClass.equals(UsernamePasswordAuthenticationToken.class);
}
}
Our authenticate method is quite simple. We just compare the username and password with a static value. We can write any logic here and authenticate the user. If there is an error, it throws an exception, AuthenticationException.
On the book's GitHub page, navigate to the jetty-in-memory-basic-custom-authentication project to see the full source code of this class.
推薦閱讀
- CTF實戰:技術、解題與進階
- 數字身份與元宇宙信任治理
- SASE原理、架構與實踐
- Securing Blockchain Networks like Ethereum and Hyperledger Fabric
- Learning Python for Forensics
- CSO進階之路:從安全工程師到首席安全官
- INSTANT Metasploit Starter
- 黑客攻防入門秘笈
- 數據安全實踐指南
- .NET安全攻防指南(上冊)
- 無線傳感器網絡安全與加權復雜網絡抗毀性建模分析
- 網絡關鍵設備安全檢測實施指南
- 實用黑客攻防技術
- Bug Bounty Hunting Essentials
- CTF快速上手:PicoCTF真題解析(Web篇)