Spring Security 2.x with multiple credentials

I am currently working on a project using Spring Security 2.x where the user authentication consists of more than just two parameters. Usually authentication consists one principal (username) and one credential (password). We are sticking with Spring Security version 2.x versus 3.x due to the inability to move to Spring 3.x at this time. So, I delved into how to implement authentication using multiple credentials. I am not going to go into setting up Spring Security, as there are plenty of resources already existing for reference. Also bear in mind that there is some refactoring that needs to happen to this code, I just wanted to share for anyone who may be running into issues like I had.

Security Spring Beans

First, lets look at the security-context.xml. It contains all of the beans related to our security implementation.

As you can see, I have introduced some new classes into the mix. Lets take a look at those now.

Java classes

MultipleCredentialAuthenticationFilter.java

MultipleCredentials.java

MultipleCredentialAuthenticationToken.java

MultipleCredentialAuthenticationProvider.java

MultipleCredentialAuthenticationService.java

AuthorityGranter.java

AuthorityGranterUndefinedException.java

Now all that is required is to provide implementation classes for our defined interfaces. See below:

MultipleCredentialAuthenticationServiceImpl.java

RoleUserAuthorityGranterImpl.java

Hopefully you will find this post useful if you are attempting to solve an authentication problem using multiple credentials using Spring Security.

Advertisements
This entry was posted in Java, Spring and tagged , , . Bookmark the permalink.

2 Responses to Spring Security 2.x with multiple credentials

  1. Joshua says:

    This is amazing you really did a lot of work on this.

  2. Brian Norton says:

    Great post Eric! Reading your blog has been very insightful and helpful to my work.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s