Following is an example about how to configure your own provider.
Spring security version is 2.0.5.
<?xml version="1.0" encoding="UTF-8"?> <b:beans xmlns="http://www.springframework.org/schema/security" xmlns:b="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.1.xsd"> <http> <intercept-url pattern="/**" access="ROLE_USER" /> <intercept-url pattern="/openidlogin.jsp*" filters="none" /> <logout /> <openid-login login-page="/openidlogin.jsp" authentication-failure-url="/openidlogin.jsp?login_error=true" /> </http> <b:bean id="myUserDetailsService" class="com.dingfei.openid.MyUserDetailsService" /> <!-- just define your userservice--> <b:bean id="openIdAuthenticationProvider" class="org.springframework.security.providers.openid.OpenIDAuthenticationProvider"> <b:property name="userDetailsService" ref="myUserDetailsService" /> </b:bean> <authentication-manager alias="authenticationManager" /> <!-- If you configre like following, all providers will use this userservice --> <!-- <authentication-provider user-service-ref="myUserDetailsService" /> --> </b:beans>