This section covers only the configuration of the Elastic Social extensions for Spring Security. Please refer
to the
Spring
Security Reference Documentation for details about configuration of Spring Security. Elastic Social
provides a social-spring-security module which contains a Spring Security
AuthenticationProvider which can be used for authentication against the user database
provided by the CommunityUserService. When declaring a Maven dependency to the
social-spring-security module configure an authenticationProvider bean like this:
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/ \
spring-security.xsd">
...
<bean id="authenticationProvider"
class="com.coremedia.elastic.social. \
springsecurity.UserAuthenticationProvider"/>
<security:authentication-manager>
<security:authentication-provider ref="authenticationProvider"/>
</security:authentication-manager>
...
</beans>
Example 4.21. Configuring a UserAuthenticationProvider
During a request, it is recommended to retrieve the logged in User once and as early as
possible from the database and store it in a Thread local variable. This could be realized with a Filter as
with the preintegrated com.coremedia.blueprint.elastic.social.cae.user.UserFilter,
com.coremedia.blueprint.elastic.social.cae.flows.LoginHelper and
com.coremedia.blueprint.elastic.social.cae.flows.RegistrationHelper.
 |  |  |
 |