Don't warn if UserDetailsAuthenticationProvider is configured per `…

…UserDetailsService` We should assume that every `UserDetailsService` is wired with configured `UserDetailsAuthenticationProvider`. Continuation of commit 7ddc005
spring-projects · Aug 8, 2024 · e2732af · e2732af
1 parent c3e010f
commit e2732af
Showing 1 changed file with 13 additions and 5 deletions.
diff --git a/...g/annotation/authentication/configuration/InitializeUserDetailsBeanManagerConfigurer.java b/...g/annotation/authentication/configuration/InitializeUserDetailsBeanManagerConfigurer.java
@@ -26,6 +26,7 @@
 import org.springframework.core.Ordered;
 import org.springframework.core.annotation.Order;
 import org.springframework.core.log.LogMessage;
+import org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider;
 import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
 import org.springframework.security.authentication.password.CompromisedPasswordChecker;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
@@ -69,11 +70,18 @@ public void configure(AuthenticationManagerBuilder auth) throws Exception {
 			List<BeanWithName<UserDetailsService>> userDetailsServices = getBeansWithName(UserDetailsService.class);
 			if (auth.isConfigured()) {
 				if (!userDetailsServices.isEmpty()) {
-					this.logger.warn("Global AuthenticationManager configured with an AuthenticationProvider bean. "
-							+ "UserDetailsService beans will not be used for username/password login. "
-							+ "Consider removing the AuthenticationProvider bean. "
-							+ "Alternatively, consider using the UserDetailsService in a manually instantiated "
-							+ "DaoAuthenticationProvider.");
+					List<BeanWithName<AbstractUserDetailsAuthenticationProvider>> userDetailsAuthenticationProviders = getBeansWithName(
+							AbstractUserDetailsAuthenticationProvider.class);
+					boolean wired = (userDetailsAuthenticationProviders.size() == userDetailsServices.size());
+					// we should check every UserDetailsService is actually wired
+					// but getUserDetailsService() is not exposed
+					if (!wired) {
+						this.logger.warn("Global AuthenticationManager configured with an AuthenticationProvider bean. "
+								+ "UserDetailsService beans will not be used for username/password login. "
+								+ "Consider removing the AuthenticationProvider bean. "
+								+ "Alternatively, consider using the UserDetailsService in a manually instantiated "
+								+ "DaoAuthenticationProvider.");
+					}
 				}
 				return;
 			}