Spring Security 6 : Define Authentication Provider

-

 Till now we have used DAOAuthenticationProvider only












Till now we learnt DAOAuthProvider (default) => UserDetailsService

there maybe requirement for custom provider 1) age above 18 2) certain country only


















  • there maybe different types : all 3 are diff authentication provider
    • username & passwd
    • oAuth2
    • JAAS (legacy , java in built ) 
  • The AuthenticationProvider in Spring Security takes care of the authentication logic. 
  • The default implementation of the AuthenticationProvider is to delegate the responsibility of finding the user in the system to a UserDetailsService implementation & PasswordEncoder for password validation. But if we have a custom authentication requirement that is not fulfilled by Spring Security framework, then we can build our own authentication logic by implementing the AuthenticationProvider interface.
  • It is the responsibility of the ProviderManager which is an implementation of AuthenticationManager, to check with all the implementations of Authentication Providers and try to authenticate the user.
    • i think import the right auth provider
    • how would ProviderManager know which Auth provider to use ? the type of authentication object will tell (which type of token : username passwd, JAAS , oAuth2)

Authentication Provider Methods

Just has 2 methods
  1. authenticate : actual authentication logic , takes Authentication object and returns same ( i think it has a boolean flag that tells authenticated or not also has username and password ) 
  2. support

DAOAuthProvider has below method

public boolean supports(Class<?> authentication) {
    return UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication));
}

Authentication.java is an interface with many classes as implementation
  • UsernamePasswordAuthenticationToken
  • JAASAuthenticationToken
  • OIDCLogoutAuthenticationToken : used for oAuth2
  • AnonymousAuthenticationToken : for public pages etc
  • TestingAuthenticationToken : for unit testing etc
By time provider manager is invokned Filters are expected to load above type of token

Below code shows how ProviderManager searches for correct AuthenticationProvider inside while loop using Authentication object totest.
 








































Comments

Post a Comment

Popular posts from this blog

Agentic AI Course : Week 1

-
Image
8 weeks https://edwarddonner.com/2024/11/13/llm-engineering-resources/  6 week Agentic AI Course https://github.com/ed-donner/agents the file .env has all the keys select kernel https://github.com/ed-donner/agents/blob/main/1_foundations/1_lab1.ipynb import os openai_api_key = os.getenv( 'OPENAI_API_KEY' ) from openai import OpenAI openai = OpenAI() messages = [{ "role" : "user" , "content" : "What is 2+2?" }] response = openai.chat.completions.create(      model= "gpt-4.1-nano" ,      messages=messages      ) print (response.choices[ 0 ].message.content) Day 2 : what are AI Agents? 5 different patterns for agentic systems https://lavnish.blogspot.com/2025/05/essential-design-patterns-for-building.html In General Day 3 comparing different models  https://www.vellum.ai/llm-leaderboard syntax to call diff LLMs openAI , anthropic, gemini, deepseek, groq https://github.com/ed-donner/agents/blob/main/1_foundations/2_lab2.ipynb...
Read more

LLM Engineering course : Day 1

-
Image
 Anaconda Power Shell    this will open , way you know if it is a anaconda power shell by seeing "base" Then you can install the full environment    then to activate use command "conda activate llms"     Open Ques "what is environment.yml" Then activate the conda environment and open jupyter lab   you can start with virtualenv as well (all details in readme) Video 11 : Day 1 every AI has 2 types of plan 1) pro plan with UI monthly subscription 2) API pricing , pay per request, for OPEN API need to put in 5$ pre payment (can use gpt4-o-mini for less cost)  (all details in readme)  Video 11:  store keys in .env files (all details in readme)  Video 14 there are two types of prompt   Video 15 OpenAI came up with a standard way of interacting with LLMs which is now standard for many LLMs. It is a list of dictionaries. Use completions API https://platform.openai.com/docs/guides/completions   For websites that use Java...
Read more

LLM Engineering : Week 2

-
Day 2.1 setup  anthropic api key google api key (more complex) update .env file     What is Temperature ?  Pass value between 0 to 1. 1 is most creative , 0 is least There is a slight difference in Claude API and OpenAI  in claude API we pass system message and user message separately in claude we also give context  if you want to stream , in claude there is an extra method , in openAI there is a boolean attribute.    Day 2.2 : Gradio         Day 2.3         Day 2.4 Day 2.5          
Read more