Create SecurityFilterChain in @Configuration class as standard @Bean and @Order is easy.
I need add factoryMethod to the @Configuration. I don't know how to run this factory method injecting properties, HttpSecurity bean multiple times and add it to security context.
My problem:
I have Map of properties with tenant-name and issuer-uri, for each tenant I need create separate SecurityFilterChain based on matcher "/tenant-name/**" and oauth2 issuer-url.
My doubts:
When I use custom constructor and inject there ApplicationContext, my properties, HttpSecurity.
Write injected HttpSecurity to local variable and use it multiple times will configure child's child securityMatcher on any incrementation instead of root matcher. Am I right?
I'm not sure register bean to Application context will be enough to work with spring security.
What is the best and appropriate solution in your opinion to solve this problem? I don't know Spring Security enough so I need a little help.