Spring Security Request to add Custom Properties to AuthenticationConfiguration

Dear. Spring Developers

Although late, I sincerely hope that you receive many blessings in the new year.

Expected Behavior Would you be so kind as to create a method for utilizing the AuthenticationManager directly, or perhaps devise a property to bypass or eliminate the Default Provider, particularly in circumstances where the AuthenticationManager can be used outright?

Current Behavior Currently, there is no way to register and use the AuthenticationManager object as a global bean. I am trying to register a custom Provider, but...

I believe that the DaoAuthenticationProvider is not necessary in the Bearer Token authentication method. Therefore, I did not implement UserDetailsService. However, when I inject the ProviderManager and run authenticate, a proxy object is injected, and a StackOfFlow occurs when trying to find a Bean

    @Bean
    public AuthenticationManager authenticationManager(AuthenticationConfiguration authenticationConfiguration) throws Exception {
        ProviderManager authenticationManager = (ProviderManager) authenticationConfiguration.getAuthenticationManager();
        authenticationManager.getProviders().add(new CustomProvider());
        return authenticationManager;
    }

public class CustomFilter extends OncePerRequestFilter {

    private final AuthenticationManager authenticationManager;

    public CustomFilter(final AuthenticationManager authenticationManager) {
        this.authenticationManager = authenticationManager;

    }

    @Override
    public void afterPropertiesSet() throws ServletException {
        super.afterPropertiesSet();
        ProviderManager providerManager = (ProviderManager) authenticationManager;
        providerManager.getProviders().removeAll(providerManager.getProviders());
        providerManager.getProviders().add(new CustomProvider());
    }

    @Override
    protected void doFilterInternal(
            final HttpServletRequest request,
            final HttpServletResponse response,
            final FilterChain filterChain)
            throws ServletException, IOException {
        CustomToken user = new CustomToken(List.of(new SimpleGrantedAuthority("USER")));
        authenticationManager.authenticate(user);
        filterChain.doFilter(request, response);
    }
}

Comment From: marcusdacoregio

Hi, @CHOICORE. Thanks for the good wishes.

I believe that the documentation about how to publish a AuthenticationManager bean and this issue might help you fixing the issue. If you still believe that there is some place for enhancement or if there is a bug, feel free to comment back in this issue and we can consider reopening it.