search

royclarkson / spring-rest-service-oauth

A simple OAuth protected REST service built with Spring Boot and Spring Security OAuth
Apache License 2.0
664 stars 339 forks source link

UserDetailsService is required for two providers #55

Closed shahbour closed 5 years ago

shahbour commented 5 years ago

I am facing a similer error to issues-19 but in my case i do have two provider ldap and dao thus two UserDetailsService so i was not able to explicity set the sugessted solution in issue 19 .

    @Bean
    public DaoAuthenticationProvider daoAuthenticationProvider() {
        DaoAuthenticationProvider daoAuthenticationProvider = new DaoAuthenticationProvider();
        daoAuthenticationProvider.setPasswordEncoder(passwordEncoder());
        daoAuthenticationProvider.setUserDetailsService(daoUserDetailsService());
        return daoAuthenticationProvider;
    }
    @Bean
    @Autowired
    public LdapAuthenticationProvider ldapAuthenticationProvider(AbstractLdapAuthenticator authenticatorWithIP,LdapAuthoritiesPopulator authoritiesPopulator,LdapUserDetailsMapper adLdapUserDetailsMapper) {

        LdapAuthenticationProvider ldapAuthenticationProvider = new LdapAuthenticationProvider(authenticatorWithIP, authoritiesPopulator);

        ldapAuthenticationProvider.setUserDetailsContextMapper(adLdapUserDetailsMapper);

        return ldapAuthenticationProvider;
    }
   @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        auth.authenticationProvider(daoAuthenticationProvider);
        auth.authenticationProvider(ldapAuthenticationProvider);
    }
default/auth-568fc74879-s68hk[auth]: 2018-11-28 10:51:07.767  INFO 1 --- [nio-9191-exec-8] o.s.s.o.p.token.store.JdbcTokenStore     : Failed to find access token for token ed32b91a-fc00-4095-b891-091e92282d04
default/auth-568fc74879-s68hk[auth]: 2018-11-28 10:51:22.006 ERROR 1 --- [nio-9191-exec-9] o.s.s.o.provider.endpoint.TokenEndpoint  : Handling error: IllegalStateException, UserDetailsService is required.
default/auth-568fc74879-s68hk[auth]:
default/auth-568fc74879-s68hk[auth]: java.lang.IllegalStateException: UserDetailsService is required.
default/auth-568fc74879-s68hk[auth]:    at org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter$UserDetailsServiceDelegator.loadUserByUsername(WebSecurityConfigurerAdapter.java:463)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper.loadUserDetails(UserDetailsByNameServiceWrapper.java:68)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider.authenticate(PreAuthenticatedAuthenticationProvider.java:103)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:174)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.security.oauth2.provider.token.DefaultTokenServices.refreshAccessToken(DefaultTokenServices.java:150)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.security.oauth2.provider.refresh.RefreshTokenGranter.getAccessToken(RefreshTokenGranter.java:47)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.security.oauth2.provider.token.AbstractTokenGranter.grant(AbstractTokenGranter.java:65)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.security.oauth2.provider.CompositeTokenGranter.grant(CompositeTokenGranter.java:38)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer$4.grant(AuthorizationServerEndpointsConfigurer.java:561)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.security.oauth2.provider.endpoint.TokenEndpoint.postAccessToken(TokenEndpoint.java:132)
default/auth-568fc74879-s68hk[auth]:    at sun.reflect.GeneratedMethodAccessor136.invoke(Unknown Source)
default/auth-568fc74879-s68hk[auth]:    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
default/auth-568fc74879-s68hk[auth]:    at java.lang.reflect.Method.invoke(Method.java:498)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:209)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:136)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:102)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:877)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:783)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:87)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:991)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:925)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:974)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:877)
default/auth-568fc74879-s68hk[auth]:    at javax.servlet.http.HttpServlet.service(HttpServlet.java:661)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:851)
default/auth-568fc74879-s68hk[auth]:    at javax.servlet.http.HttpServlet.service(HttpServlet.java:742)
default/auth-568fc74879-s68hk[auth]:    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
default/auth-568fc74879-s68hk[auth]:    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
default/auth-568fc74879-s68hk[auth]:    at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
default/auth-568fc74879-s68hk[auth]:    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
default/auth-568fc74879-s68hk[auth]:    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.web.servlet.resource.ResourceUrlEncodingFilter.doFilter(ResourceUrlEncodingFilter.java:60)
default/auth-568fc74879-s68hk[auth]:    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
default/auth-568fc74879-s68hk[auth]:    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.boot.actuate.metrics.web.servlet.WebMvcMetricsFilter.filterAndRecordMetrics(WebMvcMetricsFilter.java:158)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.boot.actuate.metrics.web.servlet.WebMvcMetricsFilter.filterAndRecordMetrics(WebMvcMetricsFilter.java:126)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.boot.actuate.metrics.web.servlet.WebMvcMetricsFilter.doFilterInternal(WebMvcMetricsFilter.java:111)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
default/auth-568fc74879-s68hk[auth]:    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
default/auth-568fc74879-s68hk[auth]:    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.boot.actuate.web.trace.servlet.HttpTraceFilter.doFilterInternal(HttpTraceFilter.java:90)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
default/auth-568fc74879-s68hk[auth]:    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
default/auth-568fc74879-s68hk[auth]:    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:320)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:127)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:91)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:119)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:137)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:170)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilterInternal(BasicAuthenticationFilter.java:215)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:116)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:66)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:357)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:270)
default/auth-568fc74879-s68hk[auth]:    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
default/auth-568fc74879-s68hk[auth]:    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99)
default/auth-568fc74879-s68hk[auth]:    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
default/auth-568fc74879-s68hk[auth]:    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
default/auth-568fc74879-s68hk[auth]:    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
shahbour commented 5 years ago

I end up creating MultipleUserDetailsService , not sure if it is the correct approach but it do work 

public class MultipleUserDetailsService implements UserDetailsService {

    private List<UserDetailsService> userDetailsServiceList = new ArrayList<>();

    public MultipleUserDetailsService(UserDetailsService ... userDetailsServices) {
        this.userDetailsServiceList.addAll(Arrays.asList(userDetailsServices));
    }

    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {

        for (UserDetailsService userDetailsService : userDetailsServiceList) {
            try {
               UserDetails userDetails = userDetailsService.loadUserByUsername(username);
               if(userDetails != null) {
                   return userDetails;
               }
            }
            catch (UsernameNotFoundException exception) {
                log.debug("User not found  in {} trying next UserDetailsService", userDetailsService);
            }
        }

        throw new UsernameNotFoundException("Unable to find user " + username);
    }
}