Jean-Pierre Bergamin (Migrated from SEC-3191) said:

The AuthenticationProvider interface has the boolean supports(Class<?> authentication) method to let the provider decide if it supports an specific type of Authentication. Let the provider also decide if it supports a specific Authentication object by adding a boolean supports(Authentication authentication) method.

Use case: One AuthenticationProvider authenticates e-mail addresses (usernames) that end in "foo.com", another one authenticates e-mail addresses ending in bar.com and a third one authenticates usernames which are not e-mail addresses.

Comment From: spring-projects-issues

Jean-Pierre Bergamin said:

Please see https://github.com/spring-projects/spring-security/pull/253

Comment From: eleftherias

From PR gh-253

Unfortunately we cannot add a new method to an interface as this breaks passivity. Fortunately, you can have the AuthenticationProvider return null if it does not support the Authentication object.