Home/ Questions/Q 6735761
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-26T11:03:03+00:00

My application uses Spring Security for handling authentication. So far I was using simple

  • 0

My application uses Spring Security for handling authentication. So far I was using simple authenticaton provider based on jdbc-user-service which was both performing authentication and loading authorities and it all worked fine:

<authentication-manager alias="authenticationManager">
    <authentication-provider>
        <password-encoder hash="sha" />
        <jdbc-user-service data-source-ref="dataSource"
            authorities-by-username-query="select t1.login, t2.USERROLES from USER as t1, USERROLES as t2 where t1.ID=t2.User_ID and t1.login= ?"
            users-by-username-query="select login,password,enabled from USER where login = ?" />
    </authentication-provider>
</authentication-manager>

Now I got a new specification:

  1. Authorities should be loaded from database just as before
  2. Authentication should be done using LDAP

I properly configured LDAP authentication in a test application and it works just fine. Now I have to put it together. How could I make my jdbc auth-provider to not perform authentication but only load authorities and enable the next auth-manager in order (LDAP auth-manager in my case) to do real authenticaton?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You need to implement your own authentication provider, but of course you can reuse the DaoAuthenticationProvider and LDAP authentication provider.

    BTW: the authorization part of the Ldap authentication provider is done in LdapAuthoritiesPopulator.

    • 0