Multiple Authentication Providers in Spring Security

About

Asked 15/2, 2012 at 23:53 Answered 2/4, 2012 at 21:17

I have configured two authentication providers in my Spring Security config:

   <security:authentication-manager>
      <security:authentication-provider ref="XProvider" />
      <security:authentication-provider ref="YProvider" />
   </security:authentication-manager>

Does spring security evaluate both providers? Or does it stop to evaluate if one of them fails? If not, How to make it stop?

Thanks.

Bulwerlytton answered 15/2, 2012 at 23:53 Comment(0)

You can specify as many providers as you want. They will be checked in the same order you declared them inside the authentication-manager tag.

Once a successful authentication is made, it will stop polling the providers. If any provider throws an AccountStatusException it will also break the polling.

Ammamaria answered 2/4, 2012 at 21:17 Comment(2)

This is the correct answer. It should be mentioned, that this is not a core feature of Spring-Security but of the default AuthenticationManager implementation which supports a list of AuthenticationProvider instances. – Uncharitable 25/6, 2012 at 11:37

How to tell it move to next provider if Exception is not type of AccountStatusException ? – Michel 10/4, 2019 at 10:5

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Recommended topics

Hot tags