Expected Behavior
When using the JwtIssuerAuthenticationManagerResolver there should be a away to replace the DefaultBearerTokenResolver (or the entire JwtClaimIssuerConverter) by a custom implementation.
Current Behavior
Both are created directly and final in the instance variables and cannot be replaced afaik.
Context
I use the JwtIssuerAuthenticationManagerResolver in a web socket backend which receives the JWT not in the Authorization Header but in a custom X-Authorization Cookie Header. Therefore, I need to use my own BearerTokenResolver implementation which gets the JWT from there. This seems not to be possible at the moment.
An example would be the BearerTokenAuthenticationFilter which allows me to provide my resolver as a bean:
@Bean
BearerTokenResolver bearerTokenResolver() {
return new CustomBearerTokenResolver();
}
Comment From: arvidOtt
It seems this is being addressed in Issue #8535. Will close this one.