Authentication
Authentication as defined in earlier section checks whether the user is who he/she claims to be. Spring Security verifies username (principal) along with supplied password (credentials) to establish this. There are quite a large variety of ways by which you can authenticate the user into your application. Thankfully, Spring Security also has support for almost all the variety of authentication methodologies available in the industry by having appropriate authentication managers capable of handling these authentication models. Figure 15-8 below shows the various authentication managers available in Spring Security and their appropriate linkages to the framework.
Figure 15-8. Authentication managers in Spring Security
Spring Security uses a default authentication DB schema as shown in Figure 15-9 below using which authentication details can be fully offloaded to the database.
Figure 15-9. Spring Security DB authentication schema
The core interfaces in Spring Security authentication can be summarized as below:
- AuthenticationManager – interface responsible for processing the authentication requests. Listing 15-1 below shows this interface definition.
Listing 15-1. AuthenticationManager interface in Spring Security
|
1 2 3 4 5 6 7 8 9 10 11 12 13 |
package org.springframework.security.authentication; import org.springframework.security.core.Authentication; import org.springframework.security.core.AuthenticationException; public interface AuthenticationManager { Authentication authenticate(Authentication authentication) throws AuthenticationException; } |
- AuthenticationProvider – interface which actually performs the authentication process. Listing 15-2 below shows this interface definition.
Listing 15-2. AuthenticationProvider interface in Spring Security
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 |
package org.springframework.security.authentication; import org.springframework.security.core.Authentication; import org.springframework.security.core.AuthenticationException; public interface AuthenticationProvider { Authentication authenticate(Authentication authentication) throws AuthenticationException; boolean supports(Class<? extends Object> authentication); } |
- UserDetailsService – service interface which is responsible for returning the UserDetails object. Listing 15-3 below shows this interface definition.
Listing 15-3. UserDetailsService interface in Spring Security
|
1 2 3 4 5 6 7 8 9 10 11 |
package org.springframework.security.core.userdetails; import org.springframework.dao.DataAccessException; public interface UserDetailsService { UserDetails loadUserByUsername(String username) throws UsernameNotFoundException, DataAccessException; } |
- UserDetails – interface which gives the complete details about the user. Listing 15-4 below shows this interface definition.
Listing 15-4. UserDetails interface in Spring Security
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 |
package org.springframework.security.core.userdetails; import org.springframework.security.core.Authentication; import org.springframework.security.core.GrantedAuthority; import java.io.Serializable; import java.util.Collection; public interface UserDetails extends Serializable { Collection<GrantedAuthority> getAuthorities(); String getPassword(); String getUsername(); boolean isAccountNonExpired(); boolean isAccountNonLocked(); boolean isCredentialsNonExpired(); boolean isEnabled(); } |
Page Visitors: 10696
Tomcy John
Latest posts by Tomcy John (see all)
- A Guide to Continuous Improvement for Architects - February 2, 2023
- Cloud-first Architecture Strategy - January 26, 2023
- Architecture Strategy and how to create One - January 24, 2023