Home Explore Help
Register Sign In
github
/
spring-security
mirror of https://github.com/spring-projects/spring-security
2
0
Fork 0
Files Issues 0 Wiki
Tree: d2affef356
Branches Tags
spring-security
/
docs
/
modules
/
ROOT
/
pages
/
servlet
/
authentication
/
unpwd
/
dao-authentication-provider.adoc

dao-authentication-provider.adoc 2.1 KB
History Raw

12345678910111213141516171819202122 
  1. [[servlet-authentication-daoauthenticationprovider]]
    2. 

  2. = DaoAuthenticationProvider
    3. 

  3. :figures: servlet/authentication/unpwd
    4. 

  4. 

  5. {security-api-url}org/springframework/security/authentication/dao/DaoAuthenticationProvider.html[`DaoAuthenticationProvider`] is an <<servlet-authentication-authenticationprovider,`AuthenticationProvider`>> implementation that leverages a <<servlet-authentication-userdetailsservice,`UserDetailsService`>> and <<servlet-authentication-password-storage,`PasswordEncoder`>> to authenticate a username and password.
    6. 

  6. 

  7. Let's take a look at how `DaoAuthenticationProvider` works within Spring Security.
    8. 

  8. The figure explains details of how the <<servlet-authentication-authenticationmanager,`AuthenticationManager`>> in figures from <<servlet-authentication-unpwd-input,Reading the Username & Password>> works.
    9. 

  9. 

  10. .`DaoAuthenticationProvider` Usage
    11. 

  11. image::{figures}/daoauthenticationprovider.png[]
    12. 

  12. 

  13. image:{icondir}/number_1.png[] The authentication `Filter` from <<servlet-authentication-unpwd-input,Reading the Username & Password>> passes a `UsernamePasswordAuthenticationToken` to the `AuthenticationManager` which is implemented by <<servlet-authentication-providermanager,`ProviderManager`>>.
    14. 

  14. 

  15. image:{icondir}/number_2.png[] The `ProviderManager` is configured to use an <<servlet-authentication-authenticationprovider>> of type `DaoAuthenticationProvider`.
    16. 

  16. 

  17. image:{icondir}/number_3.png[] `DaoAuthenticationProvider` looks up the `UserDetails` from the `UserDetailsService`.
    18. 

  18. 

  19. image:{icondir}/number_4.png[] `DaoAuthenticationProvider` then uses the <<servlet-authentication-password-storage,`PasswordEncoder`>> to validate the password on the `UserDetails` returned in the previous step.
    20. 

  20. 

  21. image:{icondir}/number_5.png[] When authentication is successful, the <<servlet-authentication-authentication,`Authentication`>> that is returned is of type `UsernamePasswordAuthenticationToken` and has a principal that is the `UserDetails` returned by the configured `UserDetailsService`.
    22. 

  22. Ultimately, the returned `UsernamePasswordAuthenticationToken` will be set on the <<servlet-authentication-securitycontextholder,`SecurityContextHolder`>> by the authentication `Filter`.
    23.