Announcement Announcement Module
Collapse
No announcement yet.
changing properties of UsernamePasswordAuthenticationFilter not working Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • changing properties of UsernamePasswordAuthenticationFilter not working

    Hi Guys,
    I want my spring security 3 to work also for "get" request so i changed property of postOnly to false for UsernamePasswordAuthenticationFilter to false but its not working

    Code:
        <bean class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter">
        <property name="postOnly" value="false"/> 
        	<property name="authenticationManager" ref="authenticationManager"/>
        </bean>
    When i debuged i still am not able to processs my get request and i get POST = true

    Do i need to override setPostOnly by writing my filter which extends UserNamePasswordAuthenticationFilter and then configure it in my app-servlet.xml

    or what is the simplest way for me to setPostOnly as false

    also If I need to write my custom filter and need to add it to my order then which order should i follow because
    in my application i get this order
    Code:
    position 2 of 9 in additional filter chain; firing Filter: 'LogoutFilter'
    DEBUG ["http-bio-8080"-exec-4] (FilterChainProxy.java:375) - /login.do at position 3 of 9 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
    DEBUG ["http-bio-8080"-exec-4] (FilterChainProxy.java:375) - /login.do at position 4 of 9 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
    DEBUG ["http-bio-8080"-exec-4] (FilterChainProxy.java:375) - /login.do at position 5 of 9 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
    DEBUG ["http-bio-8080"-exec-4] (FilterChainProxy.java:375) - /login.do at position 6 of 9 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
    DEBUG ["http-bio-8080"-exec-4] (AnonymousAuthenticationFilter.java:67) - Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken@6fab4e5e: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffe3f86: RemoteIpAddress: 127.0.0.1; SessionId: 64881782FB3E719FFECC4AD876555D42; Granted Authorities: ROLE_ANONYMOUS'
    DEBUG ["http-bio-8080"-exec-4] (FilterChainProxy.java:375) - /login.do at position 7 of 9 in additional filter chain; firing Filter: 'SessionManagementFilter'
    DEBUG ["http-bio-8080"-exec-4] (FilterChainProxy.java:375) - /login.do at position 8 of 9 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
    DEBUG ["http-bio-8080"-exec-4] (FilterChainProxy.java:375) - /login.do at position 9 of 9 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
    while in docs its mentioned

    Code:
    CHANNEL_FILTER	ChannelProcessingFilter	http/intercept-url@requires-channel
    CONCURRENT_SESSION_FILTER	ConcurrentSessionFilter 	session-management/concurrency-control
    SECURITY_CONTEXT_FILTER	SecurityContextPersistenceFilter	http
    LOGOUT_FILTER 	LogoutFilter	http/logout
    X509_FILTER 	X509AuthenticationFilter	http/x509
    PRE_AUTH_FILTER 	AstractPreAuthenticatedProcessingFilter Subclasses	N/A
    CAS_FILTER 	CasAuthenticationFilter	N/A
    FORM_LOGIN_FILTER 	UsernamePasswordAuthenticationFilter	http/form-login
    BASIC_AUTH_FILTER 	BasicAuthenticationFilter	http/http-basic
    SERVLET_API_SUPPORT_FILTER	SecurityContextHolderAwareFilter	http/@servlet-api-provision
    REMEMBER_ME_FILTER 	RememberMeAuthenticationFilter	http/remember-me
    ANONYMOUS_FILTER 	AnonymousAuthenticationFilter	http/anonymous
    SESSION_MANAGEMENT_FILTER	SessionManagementFilter	session-management
    EXCEPTION_TRANSLATION_FILTER 	ExceptionTranslationFilter	http
    FILTER_SECURITY_INTERCEPTOR 	FilterSecurityInterceptor	http
    SWITCH_USER_FILTER 	SwitchUserFilter	N/A
    any help will be highly appreciated

  • #2
    Done........

    Comment

    Working...
    X