An AuthenticationManager is responsible for passing requests through a chain of AuthenticationProviders. It is very much similar to the filter chain in a typical web application.
These authentication providers are tried in the order shown (which is implied by the use of a List instead of a Set), with each provider able to attempt authentication, or skip authentication by simply returning null. If all implementations return null, the ProviderManager will throw a suitable exception.
Below is the spring bean configuration which can be used for setting up multiple authentication providers in your Spring application using Spring Security.
spring-security.xml
Sample 1:-
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 |
<security:authentication-manager alias="authenticationManager"> <security:authentication-provider ref="ntlmUthenticationProvider"> <security:password-encoder hash="md5" /> </security:authentication-provider> <security:authentication-provider user-service-ref="myUserService"> <security:password-encoder hash="plaintext" /> </security:authentication-provider> <security:authentication-provider ref="myAuthenticationProvider"> </security:authentication-provider> </security:authentication-manager> |
Sample 2:-
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 |
<bean id="authenticationManager" class="org.springframework.security.providers.ProviderManager"> <property name="providers"> <list> <ref local="ntlmAuthenticationProvider"/> <ref local="anonymousAuthenticationProvider"/> <ref local="myAuthenticationProvider"/> </list> </property> </bean> |
In the above sample configuration, both the declared authentication providers will be registered with authentication manager.
Page Visitors: 5430

Tomcy John

Latest posts by Tomcy John (see all)
- A Guide to Continuous Improvement for Architects - February 2, 2023
- Cloud-first Architecture Strategy - January 26, 2023
- Architecture Strategy and how to create One - January 24, 2023
Hi,
I am working to retrieve the password. the user is authenticated against org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider. Since I cant retrieve a password from this provider, I wrote a custom provider that implements AuthenticationProvider and referred it in the auth manager config. I get the password from the method – public Authentication authenticate(Authentication authentication) throws AuthenticationException , but I was not able to store it for later use, please advice. Thank you.
Thanks. Nice one !!!