diff --git a/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/AuthenticationManagerConfiguration.java b/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/AuthenticationManagerConfiguration.java index 9ebf7d3743..109f9b7c3d 100644 --- a/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/AuthenticationManagerConfiguration.java +++ b/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/AuthenticationManagerConfiguration.java @@ -128,6 +128,10 @@ public class AuthenticationManagerConfiguration extends ((ProviderManager) manager) .setAuthenticationEventPublisher(this.authenticationEventPublisher); } + else if (manager instanceof LazyAuthenticationManager) { + ((LazyAuthenticationManager) manager) + .setAuthenticationEventPublisher(this.authenticationEventPublisher); + } } } @@ -201,15 +205,29 @@ public class AuthenticationManagerConfiguration extends private static class LazyAuthenticationManager implements AuthenticationManager { private AuthenticationManagerBuilder builder; + private AuthenticationManager authenticationManager; + private AuthenticationEventPublisher authenticationEventPublisher; public LazyAuthenticationManager(AuthenticationManagerBuilder builder) { this.builder = builder; } + public void setAuthenticationEventPublisher( + AuthenticationEventPublisher authenticationEventPublisher) { + this.authenticationEventPublisher = authenticationEventPublisher; + } + @Override public Authentication authenticate(Authentication authentication) throws AuthenticationException { - return this.builder.getOrBuild().authenticate(authentication); + if (this.authenticationManager == null) { + this.authenticationManager = this.builder.getOrBuild(); + if (this.authenticationManager instanceof ProviderManager) { + ((ProviderManager) this.authenticationManager) + .setAuthenticationEventPublisher(this.authenticationEventPublisher); + } + } + return this.authenticationManager.authenticate(authentication); } } diff --git a/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/SecurityAutoConfigurationTests.java b/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/SecurityAutoConfigurationTests.java index e3574043cd..b662ae7e1b 100644 --- a/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/SecurityAutoConfigurationTests.java +++ b/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/SecurityAutoConfigurationTests.java @@ -17,7 +17,6 @@ package org.springframework.boot.autoconfigure.security; import java.util.List; -import java.util.concurrent.atomic.AtomicReference; import org.junit.After; import org.junit.Test; @@ -41,6 +40,7 @@ import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.BadCredentialsException; import org.springframework.security.authentication.TestingAuthenticationToken; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; +import org.springframework.security.authentication.event.AbstractAuthenticationEvent; import org.springframework.security.authentication.event.AuthenticationFailureBadCredentialsEvent; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.authentication.configurers.GlobalAuthenticationConfigurerAdapter; @@ -159,23 +159,22 @@ public class SecurityAutoConfigurationTests { @Test public void testEventPublisherInjected() throws Exception { testAuthenticationManagerCreated(); - final AtomicReference wrapper = new AtomicReference(); - this.context.addApplicationListener(new ApplicationListener() { - @Override - public void onApplicationEvent(ApplicationEvent event) { - wrapper.set(event); - }; - }); + pingAuthenticationListener(); + } + + private void pingAuthenticationListener() { + AuthenticationListener listener = new AuthenticationListener(); + this.context.addApplicationListener(listener); AuthenticationManager manager = this.context.getBean(AuthenticationManager.class); try { - manager.authenticate(new UsernamePasswordAuthenticationToken("foo", "bar")); + manager.authenticate(new UsernamePasswordAuthenticationToken("foo", "wrong")); fail("Expected BadCredentialsException"); } catch (BadCredentialsException e) { // expected } - assertTrue("Wrong event type: " + wrapper.get(), - wrapper.get() instanceof AuthenticationFailureBadCredentialsEvent); + assertTrue("Wrong event type: " + listener.event, + listener.event instanceof AuthenticationFailureBadCredentialsEvent); } @Test @@ -221,6 +220,7 @@ public class SecurityAutoConfigurationTests { AuthorityUtils.commaSeparatedStringToAuthorityList("ROLE_USER")); assertNotNull(this.context.getBean(AuthenticationManager.class) .authenticate(user)); + pingAuthenticationListener(); } @Test @@ -256,6 +256,17 @@ public class SecurityAutoConfigurationTests { assertNotNull(this.context.getBean(JpaTransactionManager.class)); } + private static final class AuthenticationListener implements + ApplicationListener { + + private ApplicationEvent event; + + @Override + public void onApplicationEvent(AbstractAuthenticationEvent event) { + this.event = event; + } + } + @Configuration @TestAutoConfigurationPackage(City.class) protected static class EntityConfiguration {