Spring Security is a very lengthy and complex process for us to put down every piece of it. We will discuss the process to get an overview of the factors to be considered while defining Spring Security in our application:
- The entry point to start security starts from deployment descriptor, where the
DelegatingFilterProxy
filter has been mapped. It just delegates the requests to the Spring Security framework where all functionalities needed to perform security will be handled by filters that were defined in the application context. - Now the Spring application context searches for the bean configured with the name
springSecurityFilterChain
. It's actually an alias name for the bean that has been configured for theFilterChainProxy
class, with its name asfilterChainProxy
. So, whenever the check is done, thefilterChainProxy
bean will be returned by the context once found. This bean consists of the information about the list of security filters that were defined in the...