3 Managing users

One of my colleagues from the university cooks pretty well. He’s not a chef in a fancy restaurant, but he’s quite passionate about cooking. One day, when sharing thoughts in a discussion, I asked him about how he manages to remember so many recipes. He told me that’s easy. “You don’t have to remember the whole recipe, but the way basic ingredients match with each other. It’s like some real-world contracts that tell you what you can mix or should not mix. Then for each recipe, you only remember some tricks.”

This analogy is similar to the way architectures work. With any robust framework, we use contracts to decouple the implementations of the framework from the application built upon it. With Java, we use interfaces to define the contracts. A programmer is similar to a chef, knowing how the ingredients “work” together to choose just the right “implementation.” The programmer knows the framework’s abstractions and uses those to integrate with it.

This chapter is about understanding in detail one of the fundamental roles you encountered in the first example we worked on in chapter 2--the UserDetailsService. Along with the UserDetailsService, we’ll discuss

3.1 Implementing authentication in Spring Security

3.2 Describing the user

3.2.1 Demystifying the definition of the UserDetails contract

3.2.2 Detailing on the GrantedAuthority contract

3.2.3 Writing a minimal implementation of UserDetails

3.2.4 Using a builder to create instances of the UserDetails type

3.2.5 Combining multiple responsibilities related to the user

3.3 Instructing Spring Security on how to manage users

3.3.1 Understanding the UserDetailsService contract

3.3.2 Implementing the UserDetailsService contract

3.3.3 Implementing the UserDetailsManager contract

Summary