Solution for "No AuthenticationProvider found for authentication.UsernamePasswordAuthenticationToken" Error in Spring Boot

To resolve the error "No AuthenticationProvider found for authentication.UsernamePasswordAuthenticationToken" in Spring Boot, follow these steps:

  1. Check your Spring Security configuration to ensure that you have defined an AuthenticationProvider that supports UsernamePasswordAuthenticationToken.
  2. If you're using a custom AuthenticationProvider, make sure it's properly configured and registered with Spring Security.
  3. Verify that the authentication process is correctly configured in your application. This includes any custom authentication logic or filters.
  4. Ensure that the dependencies required for authentication, such as spring-security-core, are correctly included in your project's dependencies.
  5. Check for any misconfigurations in your application properties or XML configuration files related to authentication.
  6. If you're still encountering the error, consider checking your code for any issues related to how you're handling authentication, such as incorrect usage of AuthenticationManager or UserDetails.
  7. If you're unable to identify the issue, try debugging your application to trace the flow of authentication and identify where the error occurs.
            public class MyAuthenticationProvider implements AuthenticationProvider, Serializable {
                public boolean supports(Class<? extends Object> authentication) {
                    return (UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication));
                // ...

Instead of excluding the entire SecurityAutoConfiguration, you can specifically exclude

Alternatively, you can expose a UserDetailsService bean that achieves the same effect, allowing you to get rid of the configureGlobal method. Here's how:

            public UserDetailsService userDetailsService() {
                UserDetails user = User.builder()
                return new InMemoryUserDetailsManager(user);

If you create your own UserDetailsService bean, there's no need to manually define a bean for AuthenticationProvider. This is because by default, a DaoAuthenticationProvider bean will be automatically created, which will automatically pick up your defined UserDetailsService bean.

However, if you define two or more UserDetailsService beans, then you'll need to define your own AuthenticationProvider. I made a mistake because I didn't realize I had another class that implements the UserDetailsService interface and annotated it with @Service, which created a second UserDetailsService bean.