The document discusses the components and architecture of Spring Security, focusing on filters, authentication managers, providers, and user details management. It outlines the roles of various filters such as the username password authentication filter, csrf filter, and session management filter. Additionally, it details different authentication providers including in-memory, DAO, and JWT providers, as well as password encoding mechanisms.

1. Spring security
Filters
Authentication
Manager
Authentication
Providers
Authentication
Security Context
User Details
Manager/Service
Password
Encoder
2
1
9
3
8
4
7
5 6

2. Spring security
Filters
Authentication
Manager
Authentication
Providers
Authentication
Security Context
User Details
Manager/Service
Password
Encoder
2
1
9
3
8
4
7
5 6

3. Spring security
Filters
Authentication
2
1
DefaultLoginPageGeneratingFilter
CsrfFilter
RequestCacheAwareFilter
SessionManagementFilter
SecurityContextPersistenceFilter
UsernamePasswordAuthenticationFilter

4. Spring security
Filters
Authentication
Manager
Authentication
Providers
Authentication
Security Context
User Details
Manager/Service
Password
Encoder
2
1
9
3
8
4
7
5 6

5. Authentication
DefaultLoginPageGeneratingFilter
CsrfFilter
RequestCacheAwareFilter
SessionManagementFilter
SecurityContextPersistenceFilter
UsernamePasswordAuthenticationFilter
3
ProviderManager
<<AuthenticationManager>>
UsernamePasswordAuthenticationToken
<<Authentication>>
InMemoryUsersDetailsManager
<<UserDetailsService>>
<<AuthenticationProvider>>
DaoAuthenticationProvider
4 9
5
6
8
7
Authenticate()
Authenticate()
Authentication
Authentication
LoadUserByUsername() UserDetails
1
0 Authentication
Extract User
Credentiels

6. Authentication
DefaultLoginPageGeneratingFilter
CsrfFilter
RequestCacheAwareFilter
SessionManagementFilter
SecurityContextPersistenceFilter
UsernamePasswordAuthenticationFilter
3
ProviderManager
<<AuthenticationManager>>
UsernamePasswordAuthenticationToken
<<Authentication>>
InMemoryUsersDetailsManager
<<UserDetailsService>>
<<AuthenticationProvider>>
DaoAuthenticationProvider
1
0
Extract User
Credentiels

7. ProviderManager
<<AuthenticationManager>>
<<AuthenticationProvider>>
JwtAuthenticationProvider
LdapAuthenticationProvider
DaoAuthenticationProvider
OAuth2AuthenticationProvider

8. ProviderManager
<<AuthenticationManager>>
<<AuthenticationProvider>>
JwtAuthenticationProvider
LdapAuthenticationProvider
DaoAuthenticationProvider
OAuth2AuthenticationProvider

9. ProviderManager
<<AuthenticationManager>>
<<AuthenticationProvider>>
JwtAuthenticationProvider
LdapAuthenticationProvider
DaoAuthenticationProvider
OAuth2AuthenticationProvider

10. Authentication
DefaultLoginPageGeneratingFilter
CsrfFilter
RequestCacheAwareFilter
SessionManagementFilter
SecurityContextPersistenceFilter
UsernamePasswordAuthenticationFilter
3
ProviderManager
<<AuthenticationManager>>
UsernamePasswordAuthenticationToken
<<Authentication>>
InMemoryUsersDetailsManager
<<UserDetailsService>>
<<AuthenticationProvider>>
DaoAuthenticationProvider
1
0
Extract User
Credentiels

11. ProviderManager
<<AuthenticationManager>>
<<AuthenticationProvider>>
DaoAuthenticationProvider
InMemoryUsersDetailsManager
<<UserDetailsService>>
BCryptPasswordEncoder
<<Password Encoder>>
Username
UserNamePassword AuthenticationToken
Password
UserDetails
UserNamePassword AuthenticationToken
Authorities
1
2
3 4
5

12. Spring security
Filters
Authentication
Manager
Authentication
Providers
Authentication
Security Context
User Details
Manager/Service
Password
Encoder
2
1
9
3
8
4
7
5 6

13. UserDetails
SecurityContextHolder
SecurityContext
Authentication
Authorities
Principal

14. Spring security
Filters
Authentication
Manager
Authentication
Providers
Authentication
Security Context
User Details
Manager/Service
Password
Encoder
2
1
9
3
8
4
7
5 6