This is spring boot application to demonstrate spring-security usages
- spring-security generates default login page at using default filter : DefaultLoginPageGeneratingFilter.java through method : generateLoginPageHtml
- Useful classes:
- UsernamePasswordAuthenticationFilter : provides Authentication object from username and password
- UsernamePasswordAuthenticationToken : implements Authentication
- AuthenticationManager : interface
- ProviderManager : implementation of AuthenticationManager provided by spring framework
- ProviderManager has method authenticate which iterates through all the providers available in spring-security context and returns Authentication object
- DaoAuthenticationProvider : it is default AuthenticationProvider to perform authentication.
- InMemoryUserDetailsManager : default manager used by spring framework for in-memory user details
- By default, Spring Security Framework protects all the paths present inside the web application. This behaviour is due to : SpringBootWebSecurityConfiguration#defaultSecurityFilterChain(HttpSecurity http) method.