Improve AuthenticationManagerBeanDefinitionParser XML parsing

Closes gh-7282
5 years ago · 2c1126c5aa
2 changed files with 37 additions and 8 deletions
--- a/config/src/main/java/org/springframework/security/config/authentication/AuthenticationManagerBeanDefinitionParser.java
+++ b/config/src/main/java/org/springframework/security/config/authentication/AuthenticationManagerBeanDefinitionParser.java
@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2018 the original author or authors.
+ * Copyright 2002-2021 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@ -52,6 +52,8 @@ public class AuthenticationManagerBeanDefinitionParser implements BeanDefinition
 	private static final String ATT_REF = "ref";
 	private static final String ATT_ERASE_CREDENTIALS = "erase-credentials";
 	private static final String AUTHENTICATION_EVENT_PUBLISHER_BEAN_NAME = "defaultAuthenticationEventPublisher";
 	public BeanDefinition parse(Element element, ParserContext pc) {
 		String id = element.getAttribute("id");
@ -124,12 +126,14 @@ public class AuthenticationManagerBeanDefinitionParser implements BeanDefinition
 					false);
 		}
-		// Add the default event publisher
+		if (!pc.getRegistry().containsBeanDefinition(AUTHENTICATION_EVENT_PUBLISHER_BEAN_NAME)) {
-		BeanDefinition publisher = new RootBeanDefinition(
+			// Add the default event publisher to the context
-				DefaultAuthenticationEventPublisher.class);
+			BeanDefinition publisher = new RootBeanDefinition(DefaultAuthenticationEventPublisher.class);
-		String pubId = pc.getReaderContext().generateBeanName(publisher);
+			pc.registerBeanComponent(new BeanComponentDefinition(publisher, AUTHENTICATION_EVENT_PUBLISHER_BEAN_NAME));
-		pc.registerBeanComponent(new BeanComponentDefinition(publisher, pubId));
+		}
-		providerManagerBldr.addPropertyReference("authenticationEventPublisher", pubId);
+
 		providerManagerBldr.addPropertyReference("authenticationEventPublisher",
 				AUTHENTICATION_EVENT_PUBLISHER_BEAN_NAME);
 		pc.registerBeanComponent(new BeanComponentDefinition(providerManagerBldr
 				.getBeanDefinition(), id));
--- a/config/src/test/java/org/springframework/security/config/authentication/AuthenticationManagerBeanDefinitionParserTests.java
+++ b/config/src/test/java/org/springframework/security/config/authentication/AuthenticationManagerBeanDefinitionParserTests.java
@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2016 the original author or authors.
+ * Copyright 2002-2021 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@ -20,6 +20,7 @@ import org.junit.Test;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.ApplicationListener;
 import org.springframework.context.ConfigurableApplicationContext;
 import org.springframework.security.authentication.AuthenticationEventPublisher;
 import org.springframework.security.authentication.AuthenticationProvider;
 import org.springframework.security.authentication.DefaultAuthenticationEventPublisher;
 import org.springframework.security.authentication.ProviderManager;
@ -49,6 +50,18 @@ public class AuthenticationManagerBeanDefinitionParserTests {
 			+ "        </user-service>"
 			+ "    </authentication-provider>"
 			+ "</authentication-manager>";
 	// Issue #7282
 	// @formatter:off
 	private static final String CONTEXT_MULTI = "<authentication-manager id='amSecondary'>"
 			+ "    <authentication-provider>"
 			+ "        <user-service>"
 			+ "            <user name='john' password='{noop}doe' authorities='ROLE_C,ROLE_D' />"
 			+ "        </user-service>"
 			+ "    </authentication-provider>"
 			+ "</authentication-manager>";
 	// @formatter:on
 	@Rule
 	public final SpringTestRule spring = new SpringTestRule();
@ -60,6 +73,18 @@ public class AuthenticationManagerBeanDefinitionParserTests {
 		assertThat(context.getBeansOfType(AuthenticationProvider.class)).hasSize(1);
 	}
 	@Test
 	public void eventPublishersAreRegisteredAsTopLevelBeans() {
 		ConfigurableApplicationContext context = this.spring.context(CONTEXT).getContext();
 		assertThat(context.getBeansOfType(AuthenticationEventPublisher.class)).hasSize(1);
 	}
 	@Test
 	public void onlyOneEventPublisherIsRegisteredForMultipleAuthenticationManagers() {
 		ConfigurableApplicationContext context = this.spring.context(CONTEXT + '\n' + CONTEXT_MULTI).getContext();
 		assertThat(context.getBeansOfType(AuthenticationEventPublisher.class)).hasSize(1);
 	}
 	@Test
 	public void eventsArePublishedByDefault() throws Exception {
 		ConfigurableApplicationContext appContext = this.spring.context(CONTEXT)