Spring Security Quick Reference

User & Password Management

Implement UserDetailsService to load users from user store (InMemory, Database, LDAP)

  public interface UserDetailsService {
      UserDetails loadUserByUsername(String var1) throws UsernameNotFoundException;
  }

Implement UserDetailsManager to manage users like adding, modifying and deleting users.

  public interface UserDetailsManager extends UserDetailsService {
      void createUser(UserDetails var1);
      void updateUser(UserDetails var1);
      void deleteUser(String var1);
      void changePassword(String var1, String var2);
      boolean userExists(String var1);
  }

Implement PasswordEncoder to customize password encoding.

  public interface PasswordEncoder {
      String encode(CharSequence var1);
      boolean matches(CharSequence var1, String var2);
      default boolean upgradeEncoding(String encodedPassword) {
          return false;
      }
  }

Authentication

Implement AuthenticationProvider to customize user authentication.

  public interface AuthenticationProvider {
      Authentication authenticate(Authentication var1) throws AuthenticationException;
      boolean supports(Class<?> var1);
  }

Authentication - represents the token for an authentication request or for an authenticated principal.

  public interface Authentication extends Principal, Serializable {
    Collection<? extends GrantedAuthority> getAuthorities();
    Object getCredentials();
    Object getDetails();
    Object getPrincipal();
    boolean isAuthenticated();
    void setAuthenticated(boolean var1) throws IllegalArgumentException;
  }

Authorization

GrantedAuthority represents an action that a user can perform on the application.

  public interface GrantedAuthority extends Serializable {
    String getAuthority();
  }