UNTANGLE Spring Security Architecture
Authentication and Authorization:
- Validates user identity and orchestrates controlled resource access.
- Empowers comprehensive user authentication and nuanced authorization.
Security Filters:
- Intercepts incoming requests, meticulously enforcing security measures.
- Offers a flexible, layered security filter chain for diverse protection strategies.
Custom Authentication Providers:
- N Authentication Provider: Extends authentication capabilities beyond default configurations. Facilitates tailored authentication strategies and seamless integration.
- DaoAuthentication Provider: Adopts a database-backed approach for user authentication. Scrutinizes user credentials against stored records, heightening security.
Authentication Manager:
- Orchestrates the authentication process, coordinating various authentication providers.
- Serves as a pivotal component in managing user identity verification.
Token-based Security (JWT):
- Implements advanced token-based authentication for stateless communication.
- Facilitates secure interaction without the need for server-side storage.
Session Management:
- Efficiently manages user sessions, mitigating session-related risks.
- Provides adaptability for session creation, tracking, and invalidation.
Authentication Tokens:
- Username Password Authentication Token:Represents user credentials for authentication purposes.
- Leverages usernames and passwords for robust user verification.
Add/Remove Authentication Token:
- Dynamically enables the addition and removal of authentication tokens.
- Ensures real-time control over user authentication, promoting flexibility.
