**Spring Security 认证执行流程(基于源码进行分析)**
当浏览器发送登录请求时,会被FilterChainProxy拦截,他会将请求发送到SecurityContextPersistenceFilter,这个filter会从SecurityContextRepository中获取SecurityContext对象,然后将SecurityContext对象设置给SecurityContextHolder中
此时SecurityContextPersistenceFilter告一段落,然后FilterChain会调用UsernamePasswordAuthenticationFilter,UsernamePasswordAuthenticationFilter会从请求中将账户名和密码封装成token,然后将此token交给AuthentiactionManager,AuthenticationManager调用AuthenticationProvider.authenticate()方法执行认证,在这个方法中有多个provider(认证实例方法)进行认证,将token交给DaoAuthenticationProvider进行认证,DaoAuthenticationProvider会从传入的token中获取username,根据username在UserDetailsService中获取User