1. SecurityFilterChain

• A series of filters that authenticate requests and update the SecurityContext.
• Each filter is a distinct Java class.

2. SecurityContext

• Acts as a container that stores user authentication details such as - username, credentials, and authorities.
• Used for verification and validation within the application.

3. UsernamePasswordAuthenticationFilter

• Authenticates users based on their username and password.
• Updates the SecurityContext and HttpSession with the authentication object.
• Note: The UsernamePasswordAuthenticationFilter is Active only during the login process.

4. SecurityContextPersistenceFilter

• Ensures the SecurityContext's authentication persistence.
• Retrieves and updates the authentication from HttpSession for all post-login requests.

5. AuthenticationProvider

• Core component involved in the authentication process.
• Validates user entered credentials using PasswordEncoder and UserDetailsService.

6. UserDetailsService

• Interface for retrieving user details from the database.
• Must be implemented by developers to define custom logic.