1
00:00:00,300 --> 00:00:06,890
But now let's discuss the definition of authentication provider so we know that as an interface and

2
00:00:07,050 --> 00:00:11,820
how to implement it if we want to define our own authentication logic.

3
00:00:12,060 --> 00:00:17,960
But let's try to understand what different methods available inside it that we have to override.

4
00:00:18,120 --> 00:00:19,060
It's very simple.

5
00:00:19,080 --> 00:00:20,530
It has only two methods.

6
00:00:20,790 --> 00:00:27,900
One is a Pentecostal method which accept authentication parameter and returns the same authentication

7
00:00:27,900 --> 00:00:28,550
parameter.

8
00:00:28,740 --> 00:00:35,340
If you can recollect in the architecture of the spring security, the filters that intercept the history

9
00:00:35,440 --> 00:00:44,130
episode, that request will convert them into an authentication object and call the authentication manager

10
00:00:44,370 --> 00:00:50,960
authentication manager in Danville, call authentication method inside this provider.

11
00:00:51,270 --> 00:00:57,930
So if you want to write all the logic that you want to perform to the user, so authenticate is the

12
00:00:57,930 --> 00:00:59,700
matter where you have to write.

13
00:01:00,000 --> 00:01:04,129
And there is one more important method, which is support method.

14
00:01:04,379 --> 00:01:11,670
The purpose of this method is, as we were discussing previously, your organization may have multiple

15
00:01:12,030 --> 00:01:13,560
ways of authentication.

16
00:01:13,560 --> 00:01:18,920
You use it like username credentials, fingerprint face recognition.

17
00:01:19,290 --> 00:01:27,640
So this support method will help which type of authentication format that this provider supports.

18
00:01:27,830 --> 00:01:34,500
Suppose if I'm implementing it authentication provider for detecting it, face recognition of the user,

19
00:01:34,860 --> 00:01:36,200
then I will.

20
00:01:36,210 --> 00:01:45,300
How inside this supports method that this entire authentication provider has to be called only in the

21
00:01:45,300 --> 00:01:52,670
scenarios where we are doing facial recognition from the user, but not using username and password.

22
00:01:52,950 --> 00:01:54,490
So that's the purpose of support.

23
00:01:54,660 --> 00:01:58,300
So now we have what is a definition of authentication provider.

24
00:01:58,500 --> 00:02:03,660
Let's try to understand in the code of the spring security framework, right.

25
00:02:03,660 --> 00:02:07,830
From authentication manager to authentication provider, one by one.

26
00:02:08,310 --> 00:02:13,590
This is the authentication manager available inside the spring security framework.

27
00:02:13,920 --> 00:02:20,010
And there is only one method which is similar to what we have seen in the authentication provider,

28
00:02:20,370 --> 00:02:22,490
because it is making sense, right?

29
00:02:22,830 --> 00:02:30,750
It has to pass the same request that it is coming from the filter to the provider, which will actually

30
00:02:31,050 --> 00:02:33,570
validate the controls of the user.

31
00:02:33,720 --> 00:02:42,840
So this manager job is only to identify and call all the providers present inside my application one

32
00:02:42,840 --> 00:02:47,280
by one, till that the user is authenticated successfully.

33
00:02:47,460 --> 00:02:51,680
Or once we try to all the providers, then we should throw an exception.

34
00:02:51,900 --> 00:02:55,890
So that's the only responsibility of the authentication manager.

35
00:02:56,220 --> 00:03:02,160
That's why we have the same method present inside this also similar to provider.

36
00:03:02,310 --> 00:03:05,940
And the only difference between the manager and provider is support Smith.

37
00:03:06,150 --> 00:03:12,740
As you can expect, authentication provider is the one which does actual authentication logic.

38
00:03:12,930 --> 00:03:19,470
That's why it needs that support method in the scenarios where we want to have multiple ways of authentication.

39
00:03:19,470 --> 00:03:26,310
But there'll be only a single authentication manager which will always delegate the authentication object

40
00:03:26,790 --> 00:03:28,420
to the corresponding providers.

41
00:03:28,710 --> 00:03:35,550
So now this is the interface you might be asking like what is the implementation of this authentication

42
00:03:35,550 --> 00:03:35,880
method?

43
00:03:36,210 --> 00:03:41,220
So provider manager is the implementation of the authentication mechanism.

44
00:03:41,460 --> 00:03:46,620
So here is an authenticate method which my friends will call.

45
00:03:46,920 --> 00:03:53,850
And inside this ATM it will look what role the provider support by my application like.

46
00:03:53,850 --> 00:03:55,050
And we have three providers.

47
00:03:55,050 --> 00:04:02,910
One is username credentials, the other one is fingerprints that Ronni's or so it will try to loop one

48
00:04:02,910 --> 00:04:05,730
by one inside a for loop.

49
00:04:05,970 --> 00:04:11,190
And the very first check that it will do is whatever authentication type that I'm getting.

50
00:04:11,370 --> 00:04:13,440
Is it supported by this provider?

51
00:04:13,750 --> 00:04:14,610
I suppose I may.

52
00:04:14,610 --> 00:04:19,560
How three authentication implementations inside my application.

53
00:04:19,560 --> 00:04:24,930
One is username authentication, the other one is a fingerprint authentication, and the last one is

54
00:04:25,530 --> 00:04:26,220
authentication.

55
00:04:26,370 --> 00:04:32,210
So here I can mention inside my provider what is the type that my provider supports.

56
00:04:32,400 --> 00:04:36,690
So if it supports the Nunley, it will continue to the next logic.

57
00:04:36,690 --> 00:04:42,290
Otherwise it will skip this all the next logic and it will go and check for that next provider.

58
00:04:42,600 --> 00:04:50,310
So this is the way my authentication manager, which is provider manager here, because it implemented

59
00:04:50,320 --> 00:04:55,020
authentication manager, it trace all the providers available inside our application.

60
00:04:55,320 --> 00:04:59,630
And first it will call whether the provider that is right now focusing.

61
00:04:59,940 --> 00:05:07,710
It supports the authentication date next, it will call the authentication method, which is available

62
00:05:07,710 --> 00:05:10,660
in the authentication provider implementation.

63
00:05:10,980 --> 00:05:18,480
So if the result is not null, it will come out of the loop because that means my framework identify

64
00:05:18,490 --> 00:05:21,950
the correct provider that needs to be executed.

65
00:05:22,290 --> 00:05:26,340
But if the result is null, then it will go on to other providers.

66
00:05:26,730 --> 00:05:33,030
And you can also see one of the great future provided by security and said provider manager.

67
00:05:33,330 --> 00:05:40,770
Once everything, all authentication is completed, it will erase your credentials and sensitive data

68
00:05:40,770 --> 00:05:43,350
like password because the authentication is complete.

69
00:05:43,620 --> 00:05:50,520
There is no need to maintain that password again in the authentication object or in any other place

70
00:05:50,640 --> 00:05:55,530
because it will create a mystery security force that is also taken care of.

71
00:05:55,530 --> 00:05:56,860
Insert the spring security.

72
00:05:57,180 --> 00:06:06,180
So now we know what is provider manager and how we call provider one by one and how it VALETTA authentication.

73
00:06:06,410 --> 00:06:07,440
Oh, let's try to go.

74
00:06:07,440 --> 00:06:11,010
The authentication provider that we are discussing.

75
00:06:11,520 --> 00:06:14,630
It is an interface which has only two methods.

76
00:06:14,640 --> 00:06:20,770
One is authenticate where we have to write our own logic and followed by the supports.

77
00:06:21,030 --> 00:06:27,420
So this is the important method to define which provider has to be called for.

78
00:06:27,420 --> 00:06:34,740
The input that I am receiving from the user and previous leave and we are building the application.

79
00:06:34,750 --> 00:06:42,870
We never implemented authentication provider, but Spring Framework provided a default implemented authentication

80
00:06:42,870 --> 00:06:46,510
provider, which is a davo authentication provider.

81
00:06:46,800 --> 00:06:51,150
So this extends abstract user details, integration provide.

82
00:06:51,540 --> 00:06:52,800
The insight is provided.

83
00:06:52,920 --> 00:07:00,420
We have an authenticated method which will be called the authentication manager, our program manager.

84
00:07:00,840 --> 00:07:06,510
With this, I'm assuming your understanding what is authentication provider, how to leverage the how

85
00:07:06,510 --> 00:07:09,560
to implement it, espero requirements.

86
00:07:09,960 --> 00:07:13,740
We will be doing some handsome exercise in the coming videos.

87
00:07:14,100 --> 00:07:23,220
But before going to the hands on, I just wanted to show you what is this authentication interface and

88
00:07:23,730 --> 00:07:27,300
what is the importance of it in this being security framework.

89
00:07:27,720 --> 00:07:29,930
So let's try to look into that in the next room.

90
00:07:30,090 --> 00:07:30,500
Thank you.

91
00:07:30,510 --> 00:07:30,900
And by.