이번 포스팅은 DDaoAuthenticationProvider의 작동원리가 되겠다.
1. The authentication Filter from Reading the Username & Password passes a UsernamePasswordAuthenticationToken to the AuthenticationManager which is implemented by ProviderManager.
Username과 Password를 인증하는 필터는 UsernamePasswordAuthenticationToken 을 생성하여 AuthenticationManager 로전달한다.
2.The ProviderManager is configured to use an AuthenticationProvider of type DaoAuthenticationProvider.
ProviderManager가 AuthenticationManager 로 설정된다.
3.DaoAuthenticationProvider looks up the UserDetails from the UserDetailsService.
DaoAuthenticationProvider가 UserDetailsService에서 UserDetails 를 찾는다.
4.DaoAuthenticationProvider then uses the PasswordEncoder to validate the password on the UserDetails returned in the previous step.
DaoAuthenticationProvider 가 PasswordEncoder를 이용해서 비밀번호를 유효화하고 다시 이전 단계로 돌아간다.
5. When authentication is successful, the Authentication that is returned is of type UsernamePasswordAuthenticationToken and has a principal that is the UserDetails returned by the configured UserDetailsService. Ultimately, the returned UsernamePasswordAuthenticationToken will be set on the SecurityContextHolder by the authentication Filter.
인증이 정상적으로 되었다면, 인증은 UsernamePasswordAuthenticationToken 를 반환한다.
궁극적으로 UsernamePasswordAuthenticationToken 은 authentication Filter에 의해 SecurityContextHolder에 셋팅된다.
** 모든 자료의 출처는 Spring.io입니다.
'Back-End > Spring Security' 카테고리의 다른 글
| Authentication Components (2) SecurityContextHolder, SecurityContext (0) | 2021.03.17 |
|---|---|
| Authentication Components (1) 종류 (0) | 2021.03.17 |
| Spring Security Authentication (4) PasswordEncoder (0) | 2021.03.16 |
| Spring Security Authentication (3) UserDetails (0) | 2021.03.16 |
| Spring Security Authentication (2) JDBC Authentication (0) | 2021.03.16 |
댓글