{"id":16761,"date":"2021-09-27T17:19:21","date_gmt":"2021-09-27T10:19:21","guid":{"rendered":"https:\/\/huongdanjava.com\/?p=16761"},"modified":"2021-09-29T05:31:02","modified_gmt":"2021-09-28T22:31:02","slug":"authentication-trong-spring-security","status":"publish","type":"post","link":"https:\/\/huongdanjava.com\/vi\/authentication-trong-spring-security.html","title":{"rendered":"Authentication trong Spring Security"},"content":{"rendered":"

Trong b\u00e0i vi\u1ebft\u00a0T\u1ed5ng quan v\u1ec1 quy tr\u00ecnh x\u1eed l\u00fd request trong Spring Security<\/a>, m\u00ecnh \u0111\u00e3 gi\u1edbi thi\u1ec7u s\u01a1 qua v\u1edbi c\u00e1c b\u1ea1n v\u1ec1 c\u00e1c th\u00e0nh ph\u1ea7n ch\u00ednh trong m\u1ed9t flow cho ph\u1ea7n authentication c\u1ee7a Spring Security framework. Trong b\u00e0i vi\u1ebft n\u00e0y, ch\u00fang ta s\u1ebd t\u00ecm hi\u1ec3u chi ti\u1ebft h\u01a1n v\u1ec1 c\u00e1ch Spring Security handle ph\u1ea7n authentication nh\u01b0 th\u1ebf n\u00e0o c\u00e1c b\u1ea1n nh\u00e9!<\/p>\n

\u0110\u1ea7u ti\u00ean, m\u00ecnh s\u1ebd t\u1ea1o m\u1edbi m\u1ed9t Spring Boot project v\u1edbi Spring Security Starter and Spring Web Starter \u0111\u1ec3 l\u00e0m v\u00ed d\u1ee5.<\/p>\n

K\u1ebft qu\u1ea3 nh\u01b0 sau:<\/p>\n

\"\"<\/p>\n

Nh\u01b0 m\u00ecnh \u0111\u00e3 n\u00f3i trong b\u00e0i vi\u1ebft T\u1ed5ng quan v\u1ec1 quy tr\u00ecnh x\u1eed l\u00fd request trong Spring Security<\/a>, class AuthenticationManager s\u1ebd l\u00e0 class \u0111\u1ea3m nh\u1eadn vi\u1ec7c authentication trong Spring Security:<\/p>\n

\"\"<\/p>\n

Request sau khi \u0111i qua AuthenticationFilter, th\u00f4ng tin \u0111\u0103ng nh\u1eadp c\u1ee7a user s\u1ebd \u0111\u01b0\u1ee3c convert sang \u0111\u1ed1i t\u01b0\u1ee3ng Authentication v\u1edbi implementation l\u00e0 class UsernamePasswordAuthenticationToken. AuthenticationManager s\u1ebd s\u1eed d\u1ee5ng th\u00f4ng tin trong class UsernamePasswordAuthenticationToken \u0111\u1ec3 l\u00e0m authentication.<\/p>\n

M\u1eb7c \u0111\u1ecbnh th\u00ec Spring h\u1ed7 tr\u1ee3 ch\u00fang ta authenticate username, password s\u1eed d\u1ee5ng class DaoAuthenticationProvider.<\/p>\n

Khi authenticate, v\u1edbi th\u00f4ng tin authentication trong class UsernamePasswordAuthenticationToken, Spring Security s\u1ebd l\u1ea5y th\u00f4ng tin username trong UsernamePasswordAuthenticationToken \u0111\u1ec3 ki\u1ec3m tra trong UserCache \u0111\u00e3 c\u00f3 th\u00f4ng tin c\u1ee7a username n\u00e0y ch\u01b0a<\/strong>? Kh\u00f4ng hi\u1ec3u sao code hi\u1ec7n t\u1ea1i s\u1eed d\u1ee5ng cho UserCache l\u1ea1i l\u00e0:<\/p>\n

private UserCache userCache = new NullUserCache();<\/pre>\n
NullUserCache th\u00ec ch\u1ec9 return null th\u00f4ng tin UserDetails th\u00f4i c\u00e1c b\u1ea1n!<\/p>\n
V\u00ec kh\u00f4ng c\u00f3 th\u00f4ng tin trong cache, n\u00ean Spring Security s\u1ebd s\u1eed d\u1ee5ng \u0111\u1ed1i t\u01b0\u1ee3ng c\u1ee7a interface UserDetailsService \u0111\u1ec3 l\u1ea5y th\u00f4ng tin UserDetails s\u1eed d\u1ee5ng username<\/strong>.<\/p>\n
Interface UserDetailsService ch\u1ec9 c\u00f3 duy nh\u1ea5t 1 abstract method l\u00e0 loadUserByUsername():<\/p>\n
public interface UserDetailsService {\r\n\r\n  UserDetails loadUserByUsername(String username) throws UsernameNotFoundException;\r\n}<\/pre>\n
Implement c\u1ee7a interface UserDetailsService \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng trong tr\u01b0\u1eddng h\u1ee3p n\u00e0y l\u00e0 InMemoryUserDetailsManager v\u00ec m\u00ecnh ko s\u1eed d\u1ee5ng database cho v\u00ed d\u1ee5 trong b\u00e0i vi\u1ebft n\u00e0y.<\/p>\n
N\u1ebfu c\u00f3 th\u00f4ng tin user v\u1edbi username m\u00e0 ch\u00fang ta \u0111ang g\u1eedi l\u00ean l\u00fac nh\u1ea5n n\u00fat Login, \u0111\u1ed1i t\u01b0\u1ee3ng UserDetails ch\u1ee9a th\u00f4ng tin c\u1ee7a user \u0111\u00f3 s\u1ebd \u0111\u01b0\u1ee3c return v\u1ec1.<\/p>\n
\u1ede \u0111\u00e2y Spring Security c\u00f2n l\u00e0m th\u00eam v\u00e0i thao t\u00e1c check user n\u1eefa tr\u01b0\u1edbc khi check th\u00f4ng tin password c\u1ee7a user: bao g\u1ed3m check user c\u00f3 b\u1ecb lock kh\u00f4ng, user c\u00f3 \u0111ang enable kh\u00f4ng v\u00e0 user c\u00f3 b\u1ecb expired kh\u00f4ng?<\/strong><\/p>\n
Class DefaultPreAuthenticationChecks implement interface UserDetailsChecker \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng \u0111\u1ec3 l\u00e0m \u0111i\u1ec1u n\u00e0y v\u1edbi ph\u01b0\u01a1ng th\u1ee9c check().<\/p>\n
Spring Security s\u1ebd check th\u00f4ng tin password m\u00e0 user truy\u1ec1n, c\u00f3 gi\u1ed1ng v\u1edbi th\u00f4ng tin trong h\u1ec7 th\u1ed1ng kh\u00f4ng? S\u1eed d\u1ee5ng ph\u01b0\u01a1ng th\u1ee9c additionalAuthenticationChecks().<\/strong><\/p>\n
\u1ede \u0111\u00e2y, th\u00f4ng tin password s\u1ebd tu\u1ef3 v\u00e0o encoder m\u00e0 ch\u00fang ta \u0111ang configure v\u1edbi Spring Security th\u00ec class Encoder t\u01b0\u01a1ng \u1ee9ng s\u1ebd \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng trong qu\u00e1 tr\u00ecnh check password.<\/p>\n
Sau khi \u0111\u00e3 check th\u00f4ng tin password xong, Spring Security s\u1ebd c\u00f3 b\u01b0\u1edbc ki\u1ec3m tra xem password c\u00f3 b\u1ecb expired kh\u00f4ng s\u1eed d\u1ee5ng class DefaultPostAuthenticationChecks v\u1edbi ph\u01b0\u01a1ng th\u1ee9c check().<\/strong><\/p>\n
Trong qu\u00e1 tr\u00ecnh handle authentication flow, n\u1ebfu b\u1ea5t c\u1ee9 exception g\u00ec x\u1ea3y ra, th\u00ec interface AuthenticationFailureHandler v\u1edbi implementation SimpleUrlAuthenticationFailureHandler s\u1ebd handle exception n\u00e0y.<\/p>\n
C\u00f2n n\u1ebfu m\u1ecdi th\u1ee9 di\u1ec5n ra tr\u01a1n tru, kh\u00f4ng c\u00f3 l\u1ed7i g\u00ec c\u1ea3 th\u00ec interface AuthenticationSuccessHandler v\u1edbi implementation l\u00e0 class SavedRequestAwareAuthenticationSuccessHandler s\u1ebd handle..<\/p>\n
Chi ti\u1ebft cho nh\u1eefng \u0111i\u1ec1u \u0111\u00e3 x\u1ea3y ra \u1edf tr\u00ean, c\u00e1c b\u1ea1n c\u00f3 th\u1ec3 \u0111\u1ecdc th\u00eam code c\u1ee7a class AbstractAuthenticationProcessingFilter ph\u01b0\u01a1ng th\u1ee9c private doFilter():<\/p>\n
private void doFilter(HttpServletRequest request, HttpServletResponse response, FilterChain chain)\r\n\t\t\tthrows IOException, ServletException {\r\n    if (!requiresAuthentication(request, response)) {\r\n        chain.doFilter(request, response);\r\n        return;\r\n    }\r\n    try {\r\n        Authentication authenticationResult = attemptAuthentication(request, response);\r\n        if (authenticationResult == null) {\r\n            \/\/ return immediately as subclass has indicated that it hasn't completed\r\n            return;\r\n        }\r\n        this.sessionStrategy.onAuthentication(authenticationResult, request, response);\r\n        \/\/ Authentication success\r\n        if (this.continueChainBeforeSuccessfulAuthentication) {\r\n            chain.doFilter(request, response);\r\n        }\r\n        successfulAuthentication(request, response, chain, authenticationResult);\r\n    }\r\n    catch (InternalAuthenticationServiceException failed) {\r\n        this.logger.error(\"An internal error occurred while trying to authenticate the user.\", failed);\r\n        unsuccessfulAuthentication(request, response, failed);\r\n    }\r\n    catch (AuthenticationException ex) {\r\n        \/\/ Authentication failed\r\n        unsuccessfulAuthentication(request, response, ex);\r\n    }\r\n}<\/pre>\n
class UsernamePasswordAuthenticationFilter v\u1edbi ph\u01b0\u01a1ng th\u1ee9c attemptAuthentication():<\/p>\n
@Override\r\npublic Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response)\r\n        throws AuthenticationException {\r\n    if (this.postOnly && !request.getMethod().equals(\"POST\")) {\r\n        throw new AuthenticationServiceException(\"Authentication method not supported: \" + request.getMethod());\r\n    }\r\n    String username = obtainUsername(request);\r\n    username = (username != null) ? username : \"\";\r\n    username = username.trim();\r\n    String password = obtainPassword(request);\r\n    password = (password != null) ? password : \"\";\r\n    UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(username, password);\r\n    \/\/ Allow subclasses to set the \"details\" property\r\n    setDetails(request, authRequest);\r\n    return this.getAuthenticationManager().authenticate(authRequest);\r\n}<\/pre>\n
v\u00e0 ph\u01b0\u01a1ng th\u1ee9c authenticate() trong class AbstractUserDetailsAuthenticationProvider:<\/p>\n
@Override\r\npublic Authentication authenticate(Authentication authentication) throws AuthenticationException {\r\n    Assert.isInstanceOf(UsernamePasswordAuthenticationToken.class, authentication,\r\n            () -> this.messages.getMessage(\"AbstractUserDetailsAuthenticationProvider.onlySupports\",\r\n                    \"Only UsernamePasswordAuthenticationToken is supported\"));\r\n    String username = determineUsername(authentication);\r\n    boolean cacheWasUsed = true;\r\n    UserDetails user = this.userCache.getUserFromCache(username);\r\n    if (user == null) {\r\n        cacheWasUsed = false;\r\n        try {\r\n            user = retrieveUser(username, (UsernamePasswordAuthenticationToken) authentication);\r\n        }\r\n        catch (UsernameNotFoundException ex) {\r\n            this.logger.debug(\"Failed to find user '\" + username + \"'\");\r\n            if (!this.hideUserNotFoundExceptions) {\r\n                throw ex;\r\n            }\r\n            throw new BadCredentialsException(this.messages\r\n                    .getMessage(\"AbstractUserDetailsAuthenticationProvider.badCredentials\", \"Bad credentials\"));\r\n        }\r\n        Assert.notNull(user, \"retrieveUser returned null - a violation of the interface contract\");\r\n    }\r\n    try {\r\n        this.preAuthenticationChecks.check(user);\r\n        additionalAuthenticationChecks(user, (UsernamePasswordAuthenticationToken) authentication);\r\n    }\r\n    catch (AuthenticationException ex) {\r\n        if (!cacheWasUsed) {\r\n            throw ex;\r\n        }\r\n        \/\/ There was a problem, so try again after checking\r\n        \/\/ we're using latest data (i.e. not from the cache)\r\n        cacheWasUsed = false;\r\n        user = retrieveUser(username, (UsernamePasswordAuthenticationToken) authentication);\r\n        this.preAuthenticationChecks.check(user);\r\n        additionalAuthenticationChecks(user, (UsernamePasswordAuthenticationToken) authentication);\r\n    }\r\n    this.postAuthenticationChecks.check(user);\r\n    if (!cacheWasUsed) {\r\n        this.userCache.putUserInCache(user);\r\n    }\r\n    Object principalToReturn = user;\r\n    if (this.forcePrincipalAsString) {\r\n        principalToReturn = user.getUsername();\r\n    }\r\n    return createSuccessAuthentication(principalToReturn, authentication, user);\r\n}<\/pre>\n
c\u00e1c b\u1ea1n nh\u00e9!<\/p>\n
C\u00e1c b\u1ea1n c\u00f3 th\u1ec3 ch\u1ea1y debug, add breakpoint v\u00e0o nh\u1eefng ph\u01b0\u01a1ng th\u1ee9c n\u00e0y, \u0111\u1ec3 hi\u1ec3u th\u00eam v\u1ec1 c\u00e1ch Spring Security \u0111ang x\u1eed l\u00fd cho ph\u1ea7n authentication nha c\u00e1c b\u1ea1n.<\/p>\n
Sau khi hi\u1ec3u chi ti\u1ebft xong th\u00ec c\u00e1c b\u1ea1n c\u00f3 th\u1ec3 add custom authentication filter nh\u01b0 m\u00ecnh \u0111\u00e3 l\u00e0m trong b\u00e0i vi\u1ebft Custom authentication filter \u0111\u0103ng nh\u1eadp kh\u00f4ng c\u1ea7n password trong Spring Security<\/a> d\u1ec5 d\u00e0ng, tu\u1ef3 theo m\u1ee5c \u0111\u00edch c\u1ee7a c\u00e1c b\u1ea1n!<\/p>\n\n\n
\n            \n
\n    \n
\n            
\n            \n\n
<\/div>\n        <\/div>\n            
\n            \n\n
<\/div>\n        <\/div>\n            
\n            \n\n
<\/div>\n        <\/div>\n            
\n            \n\n
<\/div>\n        <\/div>\n            
\n            \n\n
<\/div>\n        <\/div>\n    <\/div>\n    \n
\n            
\n            \n\n
<\/div>\n        <\/div>\n            
\n            \n\n
<\/div>\n        <\/div>\n            
\n            \n\n
<\/div>\n        <\/div>\n            
\n            \n\n
<\/div>\n        <\/div>\n            
\n            \n\n
<\/div>\n        <\/div>\n    <\/div>\n<\/div>\n                \n\n
\n            <\/span>\n    <\/div>\n    <\/div>\n","protected":false},"excerpt":{"rendered":"
Trong b\u00e0i vi\u1ebft\u00a0T\u1ed5ng quan v\u1ec1 quy tr\u00ecnh x\u1eed l\u00fd request trong Spring Security, m\u00ecnh \u0111\u00e3 gi\u1edbi thi\u1ec7u s\u01a1 qua v\u1edbi c\u00e1c b\u1ea1n v\u1ec1 c\u00e1c th\u00e0nh ph\u1ea7n ch\u00ednh trong m\u1ed9t flow cho ph\u1ea7n authentication c\u1ee7a Spring Security framework. Trong b\u00e0i vi\u1ebft n\u00e0y, ch\u00fang ta s\u1ebd t\u00ecm… Read More<\/a><\/p>\n","protected":false},"author":1,"featured_media":14897,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1893],"tags":[],"class_list":["post-16761","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-spring-security-vi","clearfix"],"yoast_head":"\nAuthentication trong Spring Security - Huong Dan Java<\/title>\n<meta name=\"description\" content=\"Trong b\u00e0i vi\u1ebft n\u00e0y, m\u00ecnh tr\u00ecnh b\u00e0y v\u1edbi c\u00e1c b\u1ea1n chi ti\u1ebft h\u01a1n v\u1ec1 c\u00e1ch m\u00e0 Spring Security authenticate m\u1ed9t request t\u1eeb ng\u01b0\u1eddi d\u00f9ng.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/huongdanjava.com\/vi\/authentication-trong-spring-security.html\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Authentication trong Spring Security - Huong Dan Java\" \/>\n<meta property=\"og:description\" content=\"Trong b\u00e0i vi\u1ebft n\u00e0y, m\u00ecnh tr\u00ecnh b\u00e0y v\u1edbi c\u00e1c b\u1ea1n chi ti\u1ebft h\u01a1n v\u1ec1 c\u00e1ch m\u00e0 Spring Security authenticate m\u1ed9t request t\u1eeb ng\u01b0\u1eddi d\u00f9ng.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/huongdanjava.com\/vi\/authentication-trong-spring-security.html\" \/>\n<meta property=\"og:site_name\" content=\"Huong Dan Java\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/nhkhanh2406\" \/>\n<meta property=\"article:author\" content=\"https:\/\/www.facebook.com\/nhkhanh2406\" \/>\n<meta property=\"article:published_time\" content=\"2021-09-27T10:19:21+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-09-28T22:31:02+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/huongdanjava.com\/wp-content\/uploads\/2019\/08\/spring-security.png\" \/>\n\t<meta property=\"og:image:width\" content=\"200\" \/>\n\t<meta property=\"og:image:height\" content=\"200\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Khanh Nguyen\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@https:\/\/twitter.com\/KhanhNguyenJ\" \/>\n<meta name=\"twitter:site\" content=\"@KhanhNguyenJ\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Khanh Nguyen\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/huongdanjava.com\\\/vi\\\/authentication-trong-spring-security.html#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/huongdanjava.com\\\/vi\\\/authentication-trong-spring-security.html\"},\"author\":{\"name\":\"Khanh Nguyen\",\"@id\":\"https:\\\/\\\/huongdanjava.com\\\/#\\\/schema\\\/person\\\/dc859d7f8cbea3b593e6738de9cbb82d\"},\"headline\":\"Authentication trong Spring Security\",\"datePublished\":\"2021-09-27T10:19:21+00:00\",\"dateModified\":\"2021-09-28T22:31:02+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/huongdanjava.com\\\/vi\\\/authentication-trong-spring-security.html\"},\"wordCount\":817,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/huongdanjava.com\\\/#\\\/schema\\\/person\\\/dc859d7f8cbea3b593e6738de9cbb82d\"},\"image\":{\"@id\":\"https:\\\/\\\/huongdanjava.com\\\/vi\\\/authentication-trong-spring-security.html#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/huongdanjava.com\\\/wp-content\\\/uploads\\\/2019\\\/08\\\/spring-security.png\",\"articleSection\":[\"Spring Security\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/huongdanjava.com\\\/vi\\\/authentication-trong-spring-security.html#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/huongdanjava.com\\\/vi\\\/authentication-trong-spring-security.html\",\"url\":\"https:\\\/\\\/huongdanjava.com\\\/vi\\\/authentication-trong-spring-security.html\",\"name\":\"Authentication trong Spring Security - Huong Dan Java\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/huongdanjava.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/huongdanjava.com\\\/vi\\\/authentication-trong-spring-security.html#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/huongdanjava.com\\\/vi\\\/authentication-trong-spring-security.html#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/huongdanjava.com\\\/wp-content\\\/uploads\\\/2019\\\/08\\\/spring-security.png\",\"datePublished\":\"2021-09-27T10:19:21+00:00\",\"dateModified\":\"2021-09-28T22:31:02+00:00\",\"description\":\"Trong b\u00e0i vi\u1ebft n\u00e0y, m\u00ecnh tr\u00ecnh b\u00e0y v\u1edbi c\u00e1c b\u1ea1n chi ti\u1ebft h\u01a1n v\u1ec1 c\u00e1ch m\u00e0 Spring Security authenticate m\u1ed9t request t\u1eeb ng\u01b0\u1eddi d\u00f9ng.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/huongdanjava.com\\\/vi\\\/authentication-trong-spring-security.html#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/huongdanjava.com\\\/vi\\\/authentication-trong-spring-security.html\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/huongdanjava.com\\\/vi\\\/authentication-trong-spring-security.html#primaryimage\",\"url\":\"https:\\\/\\\/huongdanjava.com\\\/wp-content\\\/uploads\\\/2019\\\/08\\\/spring-security.png\",\"contentUrl\":\"https:\\\/\\\/huongdanjava.com\\\/wp-content\\\/uploads\\\/2019\\\/08\\\/spring-security.png\",\"width\":200,\"height\":200},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/huongdanjava.com\\\/vi\\\/authentication-trong-spring-security.html#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/huongdanjava.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Authentication trong Spring Security\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/huongdanjava.com\\\/#website\",\"url\":\"https:\\\/\\\/huongdanjava.com\\\/\",\"name\":\"Huong Dan Java\",\"description\":\"Java development tutorials\",\"publisher\":{\"@id\":\"https:\\\/\\\/huongdanjava.com\\\/#\\\/schema\\\/person\\\/dc859d7f8cbea3b593e6738de9cbb82d\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/huongdanjava.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\\\/\\\/huongdanjava.com\\\/#\\\/schema\\\/person\\\/dc859d7f8cbea3b593e6738de9cbb82d\",\"name\":\"Khanh Nguyen\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/huongdanjava.com\\\/wp-content\\\/uploads\\\/2021\\\/07\\\/CC6FAC58-D227-4DD8-93D1-6D6A795577E3_1_201_a.jpeg\",\"url\":\"https:\\\/\\\/huongdanjava.com\\\/wp-content\\\/uploads\\\/2021\\\/07\\\/CC6FAC58-D227-4DD8-93D1-6D6A795577E3_1_201_a.jpeg\",\"contentUrl\":\"https:\\\/\\\/huongdanjava.com\\\/wp-content\\\/uploads\\\/2021\\\/07\\\/CC6FAC58-D227-4DD8-93D1-6D6A795577E3_1_201_a.jpeg\",\"width\":1267,\"height\":1517,\"caption\":\"Khanh Nguyen\"},\"logo\":{\"@id\":\"https:\\\/\\\/huongdanjava.com\\\/wp-content\\\/uploads\\\/2021\\\/07\\\/CC6FAC58-D227-4DD8-93D1-6D6A795577E3_1_201_a.jpeg\"},\"description\":\"I love Java and everything related to Java.\",\"sameAs\":[\"https:\\\/\\\/huongdanjava.com\",\"https:\\\/\\\/www.facebook.com\\\/nhkhanh2406\",\"https:\\\/\\\/x.com\\\/https:\\\/\\\/twitter.com\\\/KhanhNguyenJ\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Authentication trong Spring Security - Huong Dan Java","description":"Trong b\u00e0i vi\u1ebft n\u00e0y, m\u00ecnh tr\u00ecnh b\u00e0y v\u1edbi c\u00e1c b\u1ea1n chi ti\u1ebft h\u01a1n v\u1ec1 c\u00e1ch m\u00e0 Spring Security authenticate m\u1ed9t request t\u1eeb ng\u01b0\u1eddi d\u00f9ng.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/huongdanjava.com\/vi\/authentication-trong-spring-security.html","og_locale":"en_US","og_type":"article","og_title":"Authentication trong Spring Security - Huong Dan Java","og_description":"Trong b\u00e0i vi\u1ebft n\u00e0y, m\u00ecnh tr\u00ecnh b\u00e0y v\u1edbi c\u00e1c b\u1ea1n chi ti\u1ebft h\u01a1n v\u1ec1 c\u00e1ch m\u00e0 Spring Security authenticate m\u1ed9t request t\u1eeb ng\u01b0\u1eddi d\u00f9ng.","og_url":"https:\/\/huongdanjava.com\/vi\/authentication-trong-spring-security.html","og_site_name":"Huong Dan Java","article_publisher":"https:\/\/www.facebook.com\/nhkhanh2406","article_author":"https:\/\/www.facebook.com\/nhkhanh2406","article_published_time":"2021-09-27T10:19:21+00:00","article_modified_time":"2021-09-28T22:31:02+00:00","og_image":[{"width":200,"height":200,"url":"https:\/\/huongdanjava.com\/wp-content\/uploads\/2019\/08\/spring-security.png","type":"image\/png"}],"author":"Khanh Nguyen","twitter_card":"summary_large_image","twitter_creator":"@https:\/\/twitter.com\/KhanhNguyenJ","twitter_site":"@KhanhNguyenJ","twitter_misc":{"Written by":"Khanh Nguyen","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/huongdanjava.com\/vi\/authentication-trong-spring-security.html#article","isPartOf":{"@id":"https:\/\/huongdanjava.com\/vi\/authentication-trong-spring-security.html"},"author":{"name":"Khanh Nguyen","@id":"https:\/\/huongdanjava.com\/#\/schema\/person\/dc859d7f8cbea3b593e6738de9cbb82d"},"headline":"Authentication trong Spring Security","datePublished":"2021-09-27T10:19:21+00:00","dateModified":"2021-09-28T22:31:02+00:00","mainEntityOfPage":{"@id":"https:\/\/huongdanjava.com\/vi\/authentication-trong-spring-security.html"},"wordCount":817,"commentCount":0,"publisher":{"@id":"https:\/\/huongdanjava.com\/#\/schema\/person\/dc859d7f8cbea3b593e6738de9cbb82d"},"image":{"@id":"https:\/\/huongdanjava.com\/vi\/authentication-trong-spring-security.html#primaryimage"},"thumbnailUrl":"https:\/\/huongdanjava.com\/wp-content\/uploads\/2019\/08\/spring-security.png","articleSection":["Spring Security"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/huongdanjava.com\/vi\/authentication-trong-spring-security.html#respond"]}]},{"@type":"WebPage","@id":"https:\/\/huongdanjava.com\/vi\/authentication-trong-spring-security.html","url":"https:\/\/huongdanjava.com\/vi\/authentication-trong-spring-security.html","name":"Authentication trong Spring Security - Huong Dan Java","isPartOf":{"@id":"https:\/\/huongdanjava.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/huongdanjava.com\/vi\/authentication-trong-spring-security.html#primaryimage"},"image":{"@id":"https:\/\/huongdanjava.com\/vi\/authentication-trong-spring-security.html#primaryimage"},"thumbnailUrl":"https:\/\/huongdanjava.com\/wp-content\/uploads\/2019\/08\/spring-security.png","datePublished":"2021-09-27T10:19:21+00:00","dateModified":"2021-09-28T22:31:02+00:00","description":"Trong b\u00e0i vi\u1ebft n\u00e0y, m\u00ecnh tr\u00ecnh b\u00e0y v\u1edbi c\u00e1c b\u1ea1n chi ti\u1ebft h\u01a1n v\u1ec1 c\u00e1ch m\u00e0 Spring Security authenticate m\u1ed9t request t\u1eeb ng\u01b0\u1eddi d\u00f9ng.","breadcrumb":{"@id":"https:\/\/huongdanjava.com\/vi\/authentication-trong-spring-security.html#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/huongdanjava.com\/vi\/authentication-trong-spring-security.html"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/huongdanjava.com\/vi\/authentication-trong-spring-security.html#primaryimage","url":"https:\/\/huongdanjava.com\/wp-content\/uploads\/2019\/08\/spring-security.png","contentUrl":"https:\/\/huongdanjava.com\/wp-content\/uploads\/2019\/08\/spring-security.png","width":200,"height":200},{"@type":"BreadcrumbList","@id":"https:\/\/huongdanjava.com\/vi\/authentication-trong-spring-security.html#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/huongdanjava.com\/"},{"@type":"ListItem","position":2,"name":"Authentication trong Spring Security"}]},{"@type":"WebSite","@id":"https:\/\/huongdanjava.com\/#website","url":"https:\/\/huongdanjava.com\/","name":"Huong Dan Java","description":"Java development tutorials","publisher":{"@id":"https:\/\/huongdanjava.com\/#\/schema\/person\/dc859d7f8cbea3b593e6738de9cbb82d"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/huongdanjava.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":["Person","Organization"],"@id":"https:\/\/huongdanjava.com\/#\/schema\/person\/dc859d7f8cbea3b593e6738de9cbb82d","name":"Khanh Nguyen","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/huongdanjava.com\/wp-content\/uploads\/2021\/07\/CC6FAC58-D227-4DD8-93D1-6D6A795577E3_1_201_a.jpeg","url":"https:\/\/huongdanjava.com\/wp-content\/uploads\/2021\/07\/CC6FAC58-D227-4DD8-93D1-6D6A795577E3_1_201_a.jpeg","contentUrl":"https:\/\/huongdanjava.com\/wp-content\/uploads\/2021\/07\/CC6FAC58-D227-4DD8-93D1-6D6A795577E3_1_201_a.jpeg","width":1267,"height":1517,"caption":"Khanh Nguyen"},"logo":{"@id":"https:\/\/huongdanjava.com\/wp-content\/uploads\/2021\/07\/CC6FAC58-D227-4DD8-93D1-6D6A795577E3_1_201_a.jpeg"},"description":"I love Java and everything related to Java.","sameAs":["https:\/\/huongdanjava.com","https:\/\/www.facebook.com\/nhkhanh2406","https:\/\/x.com\/https:\/\/twitter.com\/KhanhNguyenJ"]}]}},"_links":{"self":[{"href":"https:\/\/huongdanjava.com\/wp-json\/wp\/v2\/posts\/16761","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/huongdanjava.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/huongdanjava.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/huongdanjava.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/huongdanjava.com\/wp-json\/wp\/v2\/comments?post=16761"}],"version-history":[{"count":11,"href":"https:\/\/huongdanjava.com\/wp-json\/wp\/v2\/posts\/16761\/revisions"}],"predecessor-version":[{"id":18484,"href":"https:\/\/huongdanjava.com\/wp-json\/wp\/v2\/posts\/16761\/revisions\/18484"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/huongdanjava.com\/wp-json\/wp\/v2\/media\/14897"}],"wp:attachment":[{"href":"https:\/\/huongdanjava.com\/wp-json\/wp\/v2\/media?parent=16761"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/huongdanjava.com\/wp-json\/wp\/v2\/categories?post=16761"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/huongdanjava.com\/wp-json\/wp\/v2\/tags?post=16761"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}