Andy O'Neill (Migrated from SEC-1954) said:
Javadocs claim that this method is protected, but it is actually protected final. This is also in contradiction with the javadoc comment:
"Allows subclasses to actually retrieve the UserDetails from an implementation-specific location, with the option of throwing an AuthenticationException immediately if the presented credentials are incorrect (this is especially useful if it is necessary to bind to a resource as the user in order to obtain or generate a UserDetails)."
Luke Taylor said:
The Javadoc says:
"Description copied from class: AbstractUserDetailsAuthenticationProvider"
so it refers to the base class. You should extend that class if you want to provide a custom implementation.
Rob Winch said:
As Luke mentioned, this indicates the documentation is from the superclass