We can use Custome UserDetailsService and custom AuthenticationProvider for user authentication in Spring Security. Here I'm taking example of custom UserDetailsService.

UserDetailsService is a Core interface which loads user-specific data. It is used throughout the framework as a user DAO and it is used by the DaoAuthenticationProvider.

AuthenticationProvider can process a specific Authentication implementation.

See the below steps to use custom UserDetailsService and AuthenticationProvider in Spring security for user authentication:

1. Define the below configuration in your applicationContext-security.xml file

<beans:beans xmlns="http://www.springframework.org/schema/security"
  xmlns:beans="http://www.springframework.org/schema/beans"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xsi:schemaLocation="http://www.springframework.org/schema/beans
          http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
          http://www.springframework.org/schema/security
          http://www.springframework.org/schema/security/spring-security-3.1.xsd">

    <http auto-config='true'>
      <intercept-url pattern="/secured/*" access="ROLE_USER" />
      <logout logout-success-url="/logout"/>
    </http>

    <!-- Authentication Manager -->

    <!-- This will override the settings of authentication manager bean. -->
    <authentication-manager alias="authenticationManager">
    <authentication-provider user-service-ref="userDetailsService">
        <password-encoder hash="sha" base64="true" />
    </authentication-provider>
    </authentication-manager>


    <!-- Beans and Providers -->

    <beans:bean id="userDetailsService"
    class="com.evon.authentication.AuthenticationService">
    </beans:bean>

</beans:beans>

2. Write the below class which implements UserDetailsService

AuthenticationService.java

package com.evon.authentication;

import java.util.Vector;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.dao.DataAccessException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.GrantedAuthorityImpl;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import com.storistic.authorization.Role;
import com.storistic.dbservices.response.model.UserLoginResponse;


public class AuthenticationService implements UserDetailsService
{

    private Logger logger = LoggerFactory.getLogger(AuthenticationService.class);

    @SuppressWarnings("deprecation")
    @Override
    public UserDetails loadUserByUsername(String username)
            throws UsernameNotFoundException, DataAccessException
    {
    logger.debug("Loading user by name: " + userName);
    Vector userAuthorities = new Vector();
        userAuthorities.add(new GrantedAuthorityImpl(Role.USER_ROLE.roleName()));
        userAuthorities.add(new GrantedAuthorityImpl(Role.ADMIN_ROLE.name()));
        UserDetails user = new User(username, "password", true, true, true, true, userAuthorities);
        return user;
    }

}