Menu
I have configured two authentication providers in my Spring Security config:
<security:authentication-manager> <security:authentication-provider ref="XProvider" /> <security:authentication-provider ref="YProvider" /> </security:authentication-manager> Does spring security evaluate both providers? Or does it stop to evaluate if one of them fails? If not, How to make it stop?
Thanks.
588
When using Java configuration, the way to define multiple security realms is to have multiple @Configuration classes that extend the WebSecurityConfigurerAdapter base class – each with its own security configuration. These classes can be static and placed inside the main config.
The Authentication Provider Spring Security provides a variety of options for performing authentication. These options follow a simple contract; an Authentication request is processed by an AuthenticationProvider, and a fully authenticated object with full credentials is returned.
You can specify as many providers as you want. They will be checked in the same order you declared them inside the authentication-manager tag.
Once a successful authentication is made, it will stop polling the providers. If any provider throws an AccountStatusException it will also break the polling.
183
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
