This is the security provider type that is used to configure spring-security related functionality. An spring security-based security provider that delegates authorization to some other provider. Authenticate users via information in standard HTTP headers. Deprecated. Use http:basic-security-filter instead. The delegate-security-provider to use for authenticating. Use this element in case you have multiple security managers defined in your configuration. Authorize users against a required set of authorities. The authorities that are required for the user to be granted further access in the flow.