In CUBA 6.9.5, the class CubaAuthProviderFactory has been deprecated.
However in cuba-web.jar ,its still using it in cuba-web-spring.xml.
This forces us to have to us the deprecated class to create our custom auth provider.
In CUBA 6.9.5, the class CubaAuthProviderFactory has been deprecated.
However in cuba-web.jar ,its still using it in cuba-web-spring.xml.
This forces us to have to us the deprecated class to create our custom auth provider.
You cannot get rid of it because it is a part of compatibility layer with old AuthProvider
interface. We are not going to remove it until 7.0+ version. By default it creates com.haulmont.cuba.web.auth.NoOpAuthProvider
which does not perform authentication at all.
I tried that way yesterday as per your suggestion.
However we configure the custom authentication in web-app.properties as below:
cuba.web.externalAuthenticationProviderClass= this is our custom authentication.
when we deploy it ,it will throw classcastException since the new custom authentication implements HttpRequestFilter which is not old AuthProvider interface implementation.
You should not use this property anymore. Use cuba.web.idp.enabled
property to enable IDP and replace Spring beans if needed.
i do set that flag and add the below in web.xml
<servlet>
<servlet-name>idp</servlet-name>
<servlet-class>com.haulmont.idp.sys.CubaIdpServlet</servlet-class>
<load-on-startup>3</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>idp</servlet-name>
<url-pattern>/idp/*</url-pattern>
</servlet-mapping>
<filter>
<filter-name>idpSpringSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
<init-param>
<param-name>contextAttribute</param-name>
<param-value>org.springframework.web.servlet.FrameworkServlet.CONTEXT.idp</param-value>
</init-param>
<init-param>
<param-name>targetBeanName</param-name>
<param-value>springSecurityFilterChain</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>idpSpringSecurityFilterChain</filter-name>
<url-pattern>/idp/*</url-pattern>
</filter-mapping>
So for the custom authentication which implements HttpRequestFilter ,how can it be recognized by Spring?
You should simply replace IdpLoginHttpRequestFilter
bean with ID cuba_IdpLoginHttpRequestFilter
in web-spring.xml
:
<bean id="cuba_IdpLoginHttpRequestFilter" class="your.custom.FilterClass"/>