https://kotlinlang.org logo
#server
Title
# server
b

Bernhard

01/17/2023, 10:13 AM
looking at the Kotlin DSL for Spring Security filter chains, it seems that there is no way to configure a UserDetailsService for a SecurityFilterChain anymore; what's the recommended workaround? I'm using 2 filter chains that protect different routes and use different users; 1 for actuator and 1 for the API
r

Robert Jaros

01/17/2023, 10:23 AM
In webflux security I use
.authenticationManager(UserDetailsRepositoryReactiveAuthenticationManager(nonDefaultUserDetailsService))
.
b

Bernhard

01/17/2023, 10:25 AM
so you chain that outside of the http { } block, right?
r

Robert Jaros

01/17/2023, 10:39 AM
I'm not using the DSL, but I see there is a DSL property so it should also work like this (havn't tested that):
Copy code
http {
            securityMatcher(ServerWebExchangeMatchers.pathMatchers("/server/api/**"))
            authenticationManager = UserDetailsRepositoryReactiveAuthenticationManager(apiUserDetailsService)
            authorizeExchange {
            }
            httpBasic { }
        }
b

Bernhard

01/17/2023, 10:40 AM
ok, seems that there is no equivalent for web mvc
2 Views