From 6ce481e930ac55151ab64dc6b815a3cdb065ef32 Mon Sep 17 00:00:00 2001
From: Alexander Alexeev
Date: Thu, 6 Apr 2017 11:38:06 +0700
Subject: wrong use userDetailsServiceBean() in security config

---
 .../main/java/com/juick/www/configuration/WebSecurityConfig.java | 7 ++++++-
 .../main/java/com/juick/www/configuration/WebSecurityConfig.java | 9 +++++++--
 2 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/juick-spring-www/src/main/java/com/juick/www/configuration/WebSecurityConfig.java b/juick-spring-www/src/main/java/com/juick/www/configuration/WebSecurityConfig.java
index 259e8c08..19485579 100644
--- a/juick-spring-www/src/main/java/com/juick/www/configuration/WebSecurityConfig.java
+++ b/juick-spring-www/src/main/java/com/juick/www/configuration/WebSecurityConfig.java
@@ -27,6 +27,11 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
     @Bean("userDetailsService")
     @Override
     public UserDetailsService userDetailsServiceBean() throws Exception {
+        return super.userDetailsServiceBean();
+    }
+
+    @Override
+    public UserDetailsService userDetailsService() {
         return new JuickUserDetailsService(userService);
     }
 
@@ -57,7 +62,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
                 .alwaysRemember(true)
                 //.useSecureCookie(true) // TODO Enable if https is supports
                 .rememberMeCookieDomain(env.getProperty("web_domain", "juick.com"))
-                .userDetailsService(userDetailsServiceBean())
+                .userDetailsService(userDetailsService())
                 .key(env.getProperty("auth_remember_me_key"))
                 .and()
                 .csrf().disable();
diff --git a/juick-www/src/main/java/com/juick/www/configuration/WebSecurityConfig.java b/juick-www/src/main/java/com/juick/www/configuration/WebSecurityConfig.java
index dde67aa1..c6357c90 100644
--- a/juick-www/src/main/java/com/juick/www/configuration/WebSecurityConfig.java
+++ b/juick-www/src/main/java/com/juick/www/configuration/WebSecurityConfig.java
@@ -34,6 +34,11 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
     @Bean("userDetailsService")
     @Override
     public UserDetailsService userDetailsServiceBean() throws Exception {
+        return super.userDetailsServiceBean();
+    }
+
+    @Override
+    public UserDetailsService userDetailsService() {
         return new JuickUserDetailsService(userService);
     }
 
@@ -83,7 +88,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
     public DaoAuthenticationProvider authenticationProvider() throws Exception {
         DaoAuthenticationProvider authenticationProvider = new DaoAuthenticationProvider();
 
-        authenticationProvider.setUserDetailsService(userDetailsServiceBean());
+        authenticationProvider.setUserDetailsService(userDetailsService());
 
         return authenticationProvider;
     }
@@ -96,7 +101,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
     @Bean
     public RememberMeServices rememberMeServices() throws Exception {
         TokenBasedRememberMeServices services = new TokenBasedRememberMeServices(
-                rememberMeKey, userDetailsServiceBean());
+                rememberMeKey, userDetailsService());
 
         services.setCookieName("juick-remember-me");
         services.setCookieDomain(webDomain);
-- 
cgit v1.2.3