Home > Back-end >  Spring Security Authentication Provider autenticate()'s reason for returning null
Spring Security Authentication Provider autenticate()'s reason for returning null

Time:10-23

Lately, I was studying Spring security's Authentication provider.

In the authenticate() method the docs say, "May return null if the AuthenticationProvider is unable to support authentication of the passed Authentication object. In such a case, the next AuthenticationProvider that supports the presented Authentication class will be tried."

We have another method supports() that indicates that if this provider supports the type of authentication or not.

As far as I know "AuthenticationManager" first calls supports() to check if the provider supports this type or not. Then the authenticate() method is called. So, from my understanding authenticate is only called when the provider supports it.

So, My question is " If the provider supports this type of auth, then why should it return null from authenticating ()? and why do the docs say "May return null if the AuthenticationProvider is unable to support authentication of the passed Authentication object" ??? Should it not always support it? (Because we checked its compatibility via supports().)

Can you give an example where the provider needs to return null?

Thanks in advance.

CodePudding user response:

quote from enter image description here

Page link:https//www.codepudding.com/Backend/163668.html

Prev:How to set value fetched from database inside select2 in JavaScript or jQuery?
Next:How to create a bean and autowire at run time dynamically based on user input param
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding