Package org.springframework.security.authentication

@NullMarked package org.springframework.security.authentication

Core classes and interfaces related to user authentication, which are used throughout Spring Security.

Of key importance is the AuthenticationManager and its default implementation ProviderManager, which maintains a list AuthenticationProviders to which it delegates authentication requests.

Related Packages

Package	Description
org.springframework.security.authentication.dao	An AuthenticationProvider which relies upon a data access object.
org.springframework.security.authentication.event	Authentication success and failure events which can be published to the Spring application context.
org.springframework.security.authentication.jaas	An authentication provider for JAAS.
org.springframework.security.authentication.ott
org.springframework.security.authentication.password

Class	Description
AbstractAuthenticationToken	Base class for Authentication objects.
AbstractAuthenticationToken.AbstractAuthenticationBuilder<B extends AbstractAuthenticationToken.AbstractAuthenticationBuilder<B>>	A common abstract implementation of Authentication.Builder.
AbstractUserDetailsReactiveAuthenticationManager	A base ReactiveAuthenticationManager that allows subclasses to override and work with UserDetails objects.
AccountExpiredException	Thrown if an authentication request is rejected because the account has expired.
AccountStatusException	Base class for authentication exceptions which are caused by a particular user account status (locked, disabled etc).
AccountStatusUserDetailsChecker
AnonymousAuthenticationProvider	An AuthenticationProvider implementation that validates AnonymousAuthenticationTokens.
AnonymousAuthenticationToken	Represents an anonymous Authentication.
AuthenticationCredentialsNotFoundException	Thrown if an authentication request is rejected because there is no Authentication object in the SecurityContext.
AuthenticationDetailsSource<C,T>	Provides a Authentication.getDetails() object for a given web request.
AuthenticationEventPublisher
AuthenticationManager	Processes an Authentication request.
AuthenticationManagerResolver<C>	An interface for resolving an AuthenticationManager based on the provided context
AuthenticationObservationContext	An Observation.Context used during authentications
AuthenticationObservationConvention	An ObservationConvention for translating authentications into KeyValues.
AuthenticationProvider	Indicates a class can process a specific Authentication implementation.
AuthenticationServiceException	Thrown if an authentication request could not be processed due to a system problem.
AuthenticationTrustResolver	Evaluates Authentication tokens
AuthenticationTrustResolverImpl	Basic implementation of AuthenticationTrustResolver.
BadCredentialsException	Thrown if an authentication request is rejected because the credentials are invalid.
CachingUserDetailsService	Implementation of UserDetailsService that utilizes caching through a UserCache
CredentialsExpiredException	Thrown if an authentication request is rejected because the account's credentials have expired.
DefaultAuthenticationEventPublisher	The default strategy for publishing authentication events.
DelegatingReactiveAuthenticationManager	A ReactiveAuthenticationManager that delegates to other ReactiveAuthenticationManager instances.
DisabledException	Thrown if an authentication request is rejected because the account is disabled.
InsufficientAuthenticationException	Thrown if an authentication request is rejected because the credentials are not sufficiently trusted.
InternalAuthenticationServiceException	Thrown if an authentication request could not be processed due to a system problem that occurred internally.
LockedException	Thrown if an authentication request is rejected because the account is locked.
ObservationAuthenticationManager	An AuthenticationManager that observes the authentication
ObservationReactiveAuthenticationManager	An ReactiveAuthenticationManager that observes the authentication
ProviderManager	Iterates an Authentication request through a list of AuthenticationProviders.
ProviderNotFoundException	Thrown by ProviderManager if no AuthenticationProvider could be found that supports the presented Authentication object.
ReactiveAuthenticationManager	Determines if the provided Authentication can be authenticated.
ReactiveAuthenticationManagerAdapter	Adapts an AuthenticationManager to the reactive APIs.
ReactiveAuthenticationManagerResolver<C>	An interface for resolving a ReactiveAuthenticationManager based on the provided context
RememberMeAuthenticationProvider	An AuthenticationProvider implementation that validates RememberMeAuthenticationTokens.
RememberMeAuthenticationToken	Represents a remembered Authentication.
RememberMeAuthenticationToken.Builder<B extends RememberMeAuthenticationToken.Builder<B>>	A builder of RememberMeAuthenticationToken instances
TestingAuthenticationProvider	An AuthenticationProvider implementation for the TestingAuthenticationToken.
TestingAuthenticationToken	An Authentication implementation that is designed for use whilst unit testing.
TestingAuthenticationToken.Builder<B extends TestingAuthenticationToken.Builder<B>>	A builder of TestingAuthenticationToken instances
UserDetailsRepositoryReactiveAuthenticationManager	A ReactiveAuthenticationManager that uses a ReactiveUserDetailsService to validate the provided username and password.
UsernamePasswordAuthenticationToken	An Authentication implementation that is designed for simple presentation of a username and password.
UsernamePasswordAuthenticationToken.Builder<B extends UsernamePasswordAuthenticationToken.Builder<B>>	A builder of UsernamePasswordAuthenticationToken instances