AuthenticationManager, AuthenticationProvider(s), ProviderManager
AuthenticationManager (Interface)
public interface AuthenticationManager {
Authentication authenticate(Authentication authentication)
throws AuthenticationException;
}
Attempts to authenticate the passed Authentication object, returning a fully populated Authentication object (including granted authorities) if successful.
ProviderManager(class)
for ( AuthenticationProvider provider : getProviders ( ) ) {
if ( ! provider . supports ( toTest ) ) {
continue ;
}
if ( logger . isTraceEnabled ( ) ) {
logger . trace ( LogMessage . format ( "Authenticating request with %s (%d/%d)" ,
provider . getClass ( ) .getSimpleName ( ) , ++ currentPosition , size ) ) ;
}
try {
result = provider . authenticate ( authentication ) ;
if ( result != null ) {
copyDetails ( authentication , result ) ;
break ;
}
}
catch ( AccountStatusException | InternalAuthenticationServiceException ex ) {
prepareException ( ex , authentication ) ;
throw ex ;
}
catch ( AuthenticationException ex ) {
lastException = ex ;
}
}
We don't need to implement it ourselves since Spring Security manages it for us.
ProviderManager is a class implemented in AuthenticationManager responsible for authentication.
It is in charge of the authentication, but it does not actually carry out the authentication process.
It delegates authentications to AuthenticationProvider(s).
The AuthenticationProvider then passes on the result of the authentication to the ProviderManager.
AuthenticationProvider
public interface AuthenticationProvider {
Authentication authenticate(Authentication authentication) throws AuthenticationException;
boolean supports(Class<?> authentication);
}
The boolean supports(Class<?> authentication) method is a method that checks if AuthenticationProvider can authenticate or not.
The authentication process is performed through the authenticate() method.
Top comments (0)