|
|
@@ -4,10 +4,24 @@
|
|
|
Spring Security provides comprehensive support for <<authentication>>.
|
|
|
This section discusses:
|
|
|
|
|
|
-* <<servlet-authentication-unpwd>>
|
|
|
+[[servlet-authentication-architecture]]
|
|
|
+*Architecture Components*
|
|
|
+
|
|
|
+* <<servlet-authentication-securitycontextholder>> - The `SecurityContextHolder` is where Spring Security stores the details of who is <<authentication,authenticated>>.
|
|
|
+* <<servlet-authentication-securitycontext>> - is obtained from the `SecurityContextHolder` and contains the `Authentication` of the currently authenticated user.
|
|
|
+* <<servlet-authentication-authentication>> - Can be the input to `AuthenticationManager` to provide the credentials a user has provided to authenticate or the current user from the `SecurityContext`.
|
|
|
+* <<servlet-authentication-granted-authority>> - An authority that is granted to the principal on the `Authentication` (i.e. roles, scopes, etc.)
|
|
|
+* <<servlet-authentication-authenticationentrypoint>> - used for requesting credentials from a client (i.e. redirecting to a log in page, sending a `WWW-Authenticate` response, etc.)
|
|
|
+* <<servlet-authentication-abstractprocessingfilter>> - a base `Filter` used for authentication
|
|
|
+* <<servlet-authentication-authenticationmanager>> - the API that defines how Spring Security's Filters perform <<authentication,authentication>>.
|
|
|
+
|
|
|
+*Authentication Mechanisms*
|
|
|
+
|
|
|
+* <<servlet-authentication-unpwd>> - how to authenticate with a username/password
|
|
|
// FIXME: Add other mechanisms
|
|
|
|
|
|
-include::architecture/index.adoc[leveloffset=+1]
|
|
|
+// We intentionally do not increase leveloffset, this is just for organization vs document structure
|
|
|
+include::architecture/index.adoc[]
|
|
|
|
|
|
include::unpwd/index.adoc[leveloffset=+1]
|
|
|
|
Rob Winch