package

org.springframework.security.authentication

Core classes and interfaces related to user authentication, which are used throughout Spring Security.

Of key importance is the AuthenticationManager and its default implementation ProviderManager, which maintains a list AuthenticationProviders to which it delegates authentication requests.

Interfaces

AuthenticationDetailsSource<C, T> Provides a getDetails() object for a given web request. 
AuthenticationEventPublisher  
AuthenticationManager Processes an Authentication request. 
AuthenticationProvider Indicates a class can process a specific Authentication implementation. 
AuthenticationTrustResolver Evaluates Authentication tokens 

Classes

AbstractAuthenticationToken Base class for Authentication objects. 
AccountStatusUserDetailsChecker  
AnonymousAuthenticationProvider An AuthenticationProvider implementation that validates AnonymousAuthenticationTokens. 
AnonymousAuthenticationToken Represents an anonymous Authentication
AuthenticationDetails A holder of the context as a string. 
AuthenticationDetailsSourceImpl This class is deprecated. Write an implementation of AuthenticationDetailsSource which returns the desired type directly.  
AuthenticationTrustResolverImpl Basic implementation of AuthenticationTrustResolver
DefaultAuthenticationEventPublisher The default strategy for publishing authentication events. 
ProviderManager Iterates an Authentication request through a list of AuthenticationProviders. 
RememberMeAuthenticationProvider An AuthenticationProvider implementation that validates RememberMeAuthenticationTokens. 
RememberMeAuthenticationToken Represents a remembered Authentication
TestingAuthenticationProvider An AuthenticationProvider implementation for the TestingAuthenticationToken
TestingAuthenticationToken An Authentication implementation that is designed for use whilst unit testing. 
UsernamePasswordAuthenticationToken An Authentication implementation that is designed for simple presentation of a username and password. 

Exceptions

AccountExpiredException Thrown if an authentication request is rejected because the account has expired. 
AccountStatusException Base class for authentication exceptions which are caused by a particular user account status (locked, disabled etc). 
AuthenticationCredentialsNotFoundException Thrown if an authentication request is rejected because there is no Authentication object in the SecurityContext
AuthenticationServiceException Thrown if an authentication request could not be processed due to a system problem. 
BadCredentialsException Thrown if an authentication request is rejected because the credentials are invalid. 
CredentialsExpiredException Thrown if an authentication request is rejected because the account's credentials have expired. 
DisabledException Thrown if an authentication request is rejected because the account is disabled. 
InsufficientAuthenticationException Thrown if an authentication request is rejected because the credentials are not sufficiently trusted. 
LockedException Thrown if an authentication request is rejected because the account is locked. 
ProviderNotFoundException Thrown by ProviderManager if no AuthenticationProvider could be found that supports the presented Authentication object.