Challenge 1 / 1

We know that the supports() method in an authenticator is called at the start of every single request. What happens if we return false from this method?

The request continues like normal and the controller for that page is executed.

Authentication fails & the onAuthenticationFailure() method is called.

The supports() method on any other authenticators is called. And if all of those return false, access is denied.

Rewatch the video