If you are using the namespace, an AuthenticationManager
is
automatically registered and will be used by all the namespace-created beans which need to reference it.
The bean is an instance of Spring Security's ProviderManager
class, which needs to be
configured with a list of one or more AuthenticationProvider
instances.
These can either be created using syntax elements provided by the namespace, or they can be
standard bean definitions, marked for addition to the list using the
custom-authentication-provider
element.
This element is basically a shorthand syntax for configuring a DaoAuthenticationProvider
.
DaoAuthenticationProvider
loads user information from a UserDetailsService
and
compares the username/password combination with the values supplied at login. The UserDetailsService
instance
can be defined either by using an available namespace element (jdbc-user-service
or by using the user-service-ref
attribute to point to a bean defined elsewhere in the application context). You can find examples of these variations in the
namespace introduction.
If you have written your own AuthenticationProvider
implementation (or want
to configure one of Spring Security's own implementations as a traditional bean for some reason, then
you can use the following syntax to add it to the internal ProviderManager
's list:
<bean id="myAuthenticationProvider" class="com.something.MyAuthenticationProvider"> <security:custom-authentication-provider /> </bean>
Since the AuthenticationManager
will be automatically registered in the application
context, this element is entirely optional. It allows you to define an alias name for the internal instance for use
in your own configuration and also to supply a link to a ConcurrentSessionController
if you are configuring concurrent session control yourself rather than through the namespace (a rare requirement).
Its use is described in the namespace introduction.