Use DirectMappingAuthenticationManagerImpl to transform a credential as a function of authentication handler. In order for this component to be used effectively, the different handlers MUST use different credential types. An example may illustrate the use case more clearly. Let's make the following assumptions:
- There are two authentication stores for authenticating users, LDAP and X.509 certificates.
- A FastBindLdapAuthenticationHandler named ldapHandler authenticates users to the LDAP directory, and a X509CredentialsAuthenticationHandler named certHandler authenticates X.509 certificates.
- The credentials used to authenticate against the LDAP directory need to be transformed to a principal in a different manner from that of certificates.
- A CredentialToPrincipalResolver component exists for transforming LDAP credentials named ldapResolver and another for X.509 certificates named certResolver.
The following configuration may be used to authenticate users and resolve principals according to the use case above.