CODEWITHSUNDEEP
springspring-security
AntonBoarf
AntonBoarf

Reputation: 1313

Spring Security : link between AuthenticationProvider and UserDetailsService

In some Spring Security code, I can see that :

@Override
public void configure(AuthenticationManagerBuilder auth) {
    auth.userDetailsService(myUserDetailsService);
}

From my understanding, AuthenticationManager manages a list of AuthenticationProvider And each AuthenticationProvider has its own UserDetailsService implementation.

This is what don't understand with the code above : when writting auth.userDetailsService(...), which AuthenticationProvider is used ? Does a new one got created ? Beucause there's a direct link between AuthenticationManager and UserDetailsService, but nothing about AuthenticationProvider

Upvotes: 0

Views: 76

Answers (1)

Marcus Hert da Coregio
Marcus Hert da Coregio

Reputation: 6308

When you do auth.userDetailsService(myUserDetailsService); you are adding a new DaoAuthenticationProvider that uses your UserDetailsService provided.

More specifically when calling the AuthenticationManagerBuilder#userDetailsService method, you are setting the defaultUserDetailsService property and applying a configuration of the type DaoAuthenticationConfigurer.

This configuration will then add the DaoAuthenticationProvider in the list of AuthenticationProvider that can be used.

You can find more details in the AuthenticationManagerBuilder source code.

Upvotes: 1

Related Questions