Spring security - specific users


I am using ldap for authentication of requests.

I have configured by extending WebSecurityConfigurerAdapter and overriding configure(HttpSecurity) and configure(AuthenticationManagerBuilder) methods.

The credentials will be verified using ldap and on top of that, I need to maintain a static list that contains specific usernames to be allowed to access.

Can anyone help with the usernames validation part - do I need to write an extension of AuthenticationProvider to validate credentials and check for username? Just by configurations, I am able to take care of credentials verification.



do I need to write an extension of AuthenticationProvider to validate credentials and check for username


Yes. You need to have two different authentication provider. One to validate LDAP user's credential and other for static user list.

So, your <em>configure</em> method looks similar like below,

@Override protected void configure(AuthenticationManagerBuilder auth) throws Exception { auth.authenticationProvider(LDAPProvider); auth.authenticationProvider(StaticUserProvider); }

Here, an order is important because, user's credentials would validate according to above mentioned provider order.i.e first with <em>LDAPProvider</em> then with <em>StaticUserProvider</em>.


  • GQL query help - How can I write a query with where clause in GQL ? I am using google appengine data
  • secure iPhone to server communication so that only my app can post data?
  • Query a table in different ways or orderings in Cassandra
  • Can I change font size based on the number of letters? [duplicate]
  • Spring MVC redirect with custom http headers
  • Crafting a LINQ based solution to determine if a set of predicates are satisfied for a pair of colle
  • Read a file in “chunks” using PHP
  • Creating an Order Column for encrypted data
  • VB.NET 2012 Property Set on Property Get
  • Leaflet z-index
  • auth.provider is not set to 'password' when user signs-in with email and password
  • How to know which Linq statement produced the SQL on hand during runtime?
  • How can I extend PHP DOMElement?
  • Easiest way to get current unix timestamp via XSL
  • How to get current document uri in XSLT?
  • Functions in global context
  • Change multiple background-images with jQuery
  • Algorithm for a smudge tool?
  • Email format validation in mvc3 view
  • C# - Is there a limit to the size of an httpWebRequest stream?
  • What is Eclipse's Declaration View used for?
  • Can Jackson SerializationFeature be overridden per field or class?
  • How to add date and time under each post in guestbook in google app engine
  • sending/ receiving email in Java
  • Jquery - Jquery Wysiwyg return html as a string
  • SVN: Merging two branches together
  • Matrix multiplication with MKL
  • How to delete a row from a dynamic generate table using jquery?
  • Android Studio and gradle
  • Proper way to use connect-multiparty with express.js?
  • CSS Applying specific rule for a specific monitor resolution with only CSS is posible?
  • What are the advantages and disadvantages of reading an entire file into a single String as opposed
  • coudnt use logback because of log4j
  • Turn off referential integrity in Derby? is it possible?
  • Add sale price programmatically to product variations
  • Append folder name and increment by 1 using batch script
  • Checking variable from a different class in C#
  • Unable to use reactive element in my shiny app
  • Converting MP3 duration time
  • How do I use LINQ to get all the Items that have a particular SubItem?