I want to add a custom AuthenticationProvider to micronaut-security as described in the docs. But my custom implementation is never called:
Controller:
@Get("/team")
@Secured(SecurityRule.IS_AUTHENTICATED)
HttpResponse getTeam(@Body @Valid JoinTeamRequest req) {
log.info("Get own team")
return HttpResponse.ok()
}
Custom AuthenticationProvider
@Singleton
class LiquidoAuthenticationProvider implements AuthenticationProvider {
LiquidoAuthenticationProvider() {
println "============= INIT LiquidoAuthenticationProvider" // this gets called. Can set a breakpoint on it
}
@Override
public Publisher<AuthenticationResponse> authenticate(HttpRequest<?> httpRequest, AuthenticationRequest<?, ?> authenticationRequest) {
println "============= authenticate " // <=== this never gets called. Breakpoint is never reached ?????????? Why?
[...] some code to authenticate request that returns flowable UserDetails on succcess [...]
}
}
Why is the authenticate method never called?
Some more info that might be relevant:
SOLUTION: AuthenticationProviders in Micronaut are only called, when the request acutally contains an Authorization Header. Actually a nice performance improvement. But one needs to know. Can be misleading when debugging.