Hello, thanks for your answer!
you're rightI can see how you might have mistook what you read to mean that the UsernamePasswordAuthenticationFilter is required, but if you re-read it you might be able to interpret it differently.
so, generally, I do not have to use the AuthenticationManager, as long as I can put somehow a verified Authentication Object in my SecurityContext?
but in general most of the authentication possibilities which Spring Security offers use the AuthenticationManager, just like pmularien said
if these two sentences are correct, I guess, I finally understand it