Package org.springframework.security.authentication
Core classes and interfaces related to user authentication, which are used throughout Spring Security.
Of key importance is the AuthenticationManager
and its default implementation ProviderManager
, which maintains a list AuthenticationProvider
s to which it delegates authentication requests.
-
Interface Summary Interface Description AuthenticationDetailsSource<C,T> Provides aAuthentication.getDetails()
object for a given web request.AuthenticationEventPublisher AuthenticationManager Processes anAuthentication
request.AuthenticationManagerResolver<C> An interface for resolving anAuthenticationManager
based on the provided contextAuthenticationProvider Indicates a class can process a specificAuthentication
implementation.AuthenticationTrustResolver EvaluatesAuthentication
tokensReactiveAuthenticationManager Determines if the providedAuthentication
can be authenticated.ReactiveAuthenticationManagerResolver<C> An interface for resolving aReactiveAuthenticationManager
based on the provided context -
Exception Summary Exception Description AccountExpiredException Thrown if an authentication request is rejected because the account has expired.AccountStatusException Base class for authentication exceptions which are caused by a particular user account status (locked, disabled etc).AuthenticationCredentialsNotFoundException Thrown if an authentication request is rejected because there is noAuthentication
object in theSecurityContext
.AuthenticationServiceException Thrown if an authentication request could not be processed due to a system problem.BadCredentialsException Thrown if an authentication request is rejected because the credentials are invalid.CredentialsExpiredException Thrown if an authentication request is rejected because the account's credentials have expired.DisabledException Thrown if an authentication request is rejected because the account is disabled.InsufficientAuthenticationException Thrown if an authentication request is rejected because the credentials are not sufficiently trusted.InternalAuthenticationServiceException Thrown if an authentication request could not be processed due to a system problem that occurred internally.LockedException Thrown if an authentication request is rejected because the account is locked.ProviderNotFoundException Thrown byProviderManager
if noAuthenticationProvider
could be found that supports the presentedAuthentication
object.