What is the default AuthenticationManager in Spring-Security? How does it authenticate?

Question

I have the following bean defined:

Answer 1

From Spring Security Docs:

The default implementation in Spring Security is called ProviderManager and rather than handling the authentication request itself, it delegates to a list of configured AuthenticationProviders, each of which is queried in turn to see if it can perform the authentication. Each provider will either throw an exception or return a fully populated Authentication object.

Information about ProviderManager can also be found in Topical Guide - Spring Security Architecture:

The most commonly used implementation of AuthenticationManager is ProviderManager, which delegates to a chain of AuthenticationProvider instances. An AuthenticationProvider is a bit like an AuthenticationManager but it has an extra method to allow the caller to query if it supports a given Authentication type...