Now, let's provide AuthenticationProvider to AuthenticationManagerBuilder in the Spring Security configuration class:
@Autowired
@Override
protected void configure(AuthenticationManagerBuilder auth) throws
Exception {
auth
.eraseCredentials(false)
//Providing AuthenticationProvider to
AuthenticationManagerBuilder.
.authenticationProvider(authenticationProviderBean())
.jdbcAuthentication()
.dataSource(dataSource);
}
Now, let's call that API and check the performance of authentication. If we call the API four times, the following log will be generated:
22:46:55.314 RDS DEBUG EhCacheBasedUserCache - Cache hit: false; username: cust001
22:46:55.447 RDS DEBUG JdbcTemplate - Executing prepared SQL query
22:46:55.447 RDS DEBUG JdbcTemplate - Executing prepared SQL statement [select username,password,enabled from users where username = ?]
22:46:55.447 RDS DEBUG DataSourceUtils - Fetching JDBC Connection from DataSource
22:46:55.447 RDS DEBUG SimpleDriverDataSource - Creating new JDBC Driver Connection to [jdbc:h2:mem:testdb;DB_CLOSE_DELAY=-1;DB_CLOSE_ON_EXIT=false]
22:46:55.463 RDS DEBUG DataSourceUtils - Returning JDBC Connection to DataSource
22:46:55.463 RDS DEBUG JdbcTemplate - Executing prepared SQL query
22:46:55.463 RDS DEBUG JdbcTemplate - Executing prepared SQL statement [select username,authority from authorities where username = ?]
22:46:55.463 RDS DEBUG DataSourceUtils - Fetching JDBC Connection from DataSource
22:46:55.463 RDS DEBUG SimpleDriverDataSource - Creating new JDBC Driver Connection to [jdbc:h2:mem:testdb;DB_CLOSE_DELAY=-1;DB_CLOSE_ON_EXIT=false]
22:46:55.479 RDS DEBUG DataSourceUtils - Returning JDBC Connection to DataSource
22:46:55.603 RDS DEBUG EhCacheBasedUserCache - Cache put: cust001
22:47:10.118 RDS DEBUG EhCacheBasedUserCache - Cache hit: true; username: cust001
22:47:12.619 RDS DEBUG EhCacheBasedUserCache - Cache hit: true; username: cust001
22:47:14.851 RDS DEBUG EhCacheBasedUserCache - Cache hit: true; username: cust001
As you can see in the preceding log, initially, AuthenticationProvider searches the UserDetails object from the cache; if it fails to get it from the cache, AuthenticationProvider will query the database for UserDetails and will put the updated object into the cache and for all the later calls, it will retrieve the UserDetails object from the cache.
If you update the password for a user and try to authenticate the user with the new password, and it fails to match the value in the cache, then it will query the UserDetails from the database.