Custom Auth User in Spring

Question

I have a custom authentication implementation outside of Spring Security which I am in the process of integrating.

I am generating a Spring User as part of the auth process based on my existing User model.

Everything seems to be working fine except for the getAuthority function.

I have the below in my User model which implements UserDetails.

  @Override
    public Set<GrantedAuthority> getAuthorities() {
        Set<GrantedAuthority> authorities = new HashSet<GrantedAuthority>();
        authorities.add(new SimpleGrantedAuthority(this.role));
        return authorities;
    }

However, I am getting the below response.

"message": "A granted authority textual representation is required",

I believe I am missing the generation of correct ROLES in my DB. Currently private String role is "USER".

I think my question is this.

What is the correct format for my role field to allow this to work correctly and what is the best way to insert this role?

score 6 · Accepted Answer · edited May 23 '17 at 12:16

6

It depends.

If you are using Spring's default security configuration, a "ROLE_" prefix is needed. Usually, the basic values are: ROLE_USER and ROLE_ADMIN.

If not - check the custom configuration.

Related questions:

edited May 23 '17 at 12:16

Community

1
1

answered Dec 26 '16 at 07:27

MordechayS

1,552
2
19
29

Thanks for the suggestion. I have modfied the DB for the prefix you suggested, however I still get the same response. I will review the links your sent. – Yonkee Dec 26 '16 at 07:45
You were right. I just realized I was still using a dummy User Object with no role. I just updated to pull from DB using your suggested prefix and it is now working. Thanks for your help. – Yonkee Dec 26 '16 at 07:51

Custom Auth User in Spring

1 Answers1