This is central class in springsecurity3 package. You need to define AuthenticationService and AuthenticationFactory beans (usually from package springsecurity3).
You can use your own AuthenticationFactory implementation or extend AuthenticationService if you need do some post or pre processing during authentication process.
Default implementations depends also on UserDetailsService and AuthenticationDetailsSource.
Example spring configuration:
<bean id="userDetailsService" class="org.springframework.security.core.userdetails.memory.InMemoryDaoImpl">
<property name="userProperties">
<props>
<prop key="user1">password</prop>
</props>
</property>
</bean>
<bean id="kshieldAuthenticationFactory" class="cz.tdp.kshield.springsecurity3.SpringAuthenticationFactory" autowire="byType" />
<bean id="kshieldAuthService" class="cz.tdp.kshield.springsecurity3.SpringAuthenticationServiceImpl" autowire="byType">
<constructor-arg value="http://127.0.0.1:8485" />
</bean>
<bean id="authenticationDetailsSource" class="org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper" autowire="byType" />
<bean id="kshieldAuthenticationFilter" class="cz.tdp.kshield.springsecurity3.KShieldPreAuthenticationFilter" autowire="byType">
<property name="authenticationDetailsSource" ref="authenticationDetailsSource" />
<property name="authenticationManager" ref="authenticationManager" />
<property name="authenticationService" ref="kshieldAuthService" />
</bean>
You should add PreAuthenticatedAuthenticationProvider provider to authentication manager configuration and define alias:
<bean id="preAuthenticatedAuthenticationProvider" class="org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider" autowire="byType" />
<security:authentication-manager alias="authenticatedManager">
<security:authentication-provider ref="preAuthenticatedAuthenticationProvider" />
...
</security:authentication-manager>
Finally you need add custom filter (defined above) to your http element config:
<security:http>
...
<security:custom-filter position="PRE_AUTH_FILTER" ref="kshieldAuthenticationFilter" />
</security:http>