How to set-up and configure a ProviderManager using Spring Security namespace?

Question

Spring documentation says that ProviderManager is the default implementation of the AuthenticationManager, but is an instance of ProviderManager automatically created and wired by the security namespace?

In other words, will such configuration automatically create an instance of ProviderManager:

<authentication-manager>
    <authentication-provider>
       <password-encoder hash="md5"/>
       <jdbc-user-service data-source-ref="dataSource"/>
    </authentication-provider>
</authentication-manager>

Else, what do I need to do (or declare)?

Assuming I would want to plug my own implementation of AuthenticationManager, how would I configure this using the namespace?

I also want to specify which AuthenticationProvider should be registered in the ProviderManager. I have found the following piece of configuration code:

<bean id="authenticationManager"
    class="org.springframework.security.authentication.ProviderManager">
    <property name="providers">
        <list>
            <ref local="daoAuthenticationProvider"/>
            <ref local="anonymousAuthenticationProvider"/>
        </list> 
    </property>
</bean>

But is it enough? What is the right way to declare the list of AuthenticationProvider? Documentation is not very clear and complete regarding this issue.

Answer 1

In other words, will such configuration automatically create an instance of ProviderManager:

According to section B2 of the appendix, the answer is yes.

Assuming I would want to plug my own implementation of AuthenticationManager, how would I configure this using the namespace?

According to section B.3.1:

<global-method-security authentication-manager-ref="..." >

What is the right way to declare the list of AuthenticationProvider?

From a blog post, instead of using <authentication-manager> ... </authentication-manager>, one should use something like similar to this:

<bean id="authenticationManager" class="org.springframework.security.authentication.ProviderManager">
    <property name="providers">
        <list>
            <ref bean="authenticationProvider" />
            <ref bean="anonymousProvider" />
        </list>
    </property>
</bean>

<bean id="authenticationProvider" class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
    <property name="passwordEncoder">
        <bean class="org.springframework.security.authentication.encoding.Md5PasswordEncoder" />
    </property>
    <property name="userDetailsService" ref="userService" />
</bean>

<bean id="anonymousProvider" class="org.springframework.security.authentication.AnonymousAuthenticationProvider">
    <property name="key" value="SomeUniqueKeyForThisApplication" />
</bean>