# DAoAuthenticationProvider [`DaoAuthenticationProvider`](https://DOCS. Spring.io/ Spring-security/site/DOCS/5.6.2/api/org/springframework/security/authentication/dao/daoauthenticationprovider.html)是一种[`AuthenticationProvider`](../architecture.html.html.html# Servlet-attentification-authnationprovider)实现,利用[<`UserDetailsService`](user-details-service.html# Servlet-html#[userauthentification]-html# Servlet- 让我们来看看`DaoAuthenticationProvider`在 Spring 安全性中是如何工作的。该图详细说明了[读取用户名和密码](index.html#servlet-authentication-unpwd-input)图中的[`AuthenticationManager`](../architecture.html# Servlet-authentication-authenticationmanager)是如何工作的。 ![DAoAuthenticationProvider ](https://docs.spring.io/spring-security/reference/_images/servlet/authentication/unpwd/daoauthenticationprovider.png) 图 1。`DaoAuthenticationProvider`用法 ![number 1](https://docs.spring.io/spring-security/reference/_images/icons/number_1.png)来自[读取用户名和密码](index.html#servlet-authentication-unpwd-input)的身份验证`Filter`将一个`UsernamePasswordAuthenticationToken`传递到`AuthenticationManager`,这是由[`ProviderManager`](../architecture.html# Servlet-assertification-providerManager)实现的。 ![number 2](https://docs.spring.io/spring-security/reference/_images/icons/number_2.png)`ProviderManager`被配置为使用[身份验证提供者](../architecture.html#servlet-authentication-authenticationprovider)类型的`DaoAuthenticationProvider`。 ![number 3](https://docs.spring.io/spring-security/reference/_images/icons/number_3.png)`DaoAuthenticationProvider`从`UserDetailsService`中查找`UserDetails`。 ![number 4](https://docs.spring.io/spring-security/reference/_images/icons/number_4.png)`DaoAuthenticationProvider`然后使用[`PasswordEncoder`](password-encoder.html# Servlet-authentication-password-storage)在上一步返回的`UserDetails`上验证密码。 ![number 5](https://docs.spring.io/spring-security/reference/_images/icons/number_5.png)当身份验证成功时,返回的[`Authentication`](../architecture.html# Servlet-Authentication-Authentication)类型为`UsernamePasswordAuthenticationToken`,并且具有一个主体,即配置的`UserDetailsService`返回的`UserDetails`。最终,返回的`UsernamePasswordAuthenticationToken`将由身份验证`Filter`设置在[`SecurityContextHolder`](../architecture.html# Servlet-authentication-securitycontextholder)上。 [PasswordEncoder ](password-encoder.html)[LDAP](ldap.html)