Announcement Announcement Module
No announcement yet.
Spring security Filters and Authentication in Spring Web Services Page Title Module
Move Remove Collapse
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • Spring security Filters and Authentication in Spring Web Services

    Hi, I had recently been able to secure my web application and authenticate the user by using basic authentication. An added requirement was to check against user's ip address from request parameter and I leveraged use of Custom authentication details source and override of BASIC_AUTH_FILTER. (see:

    Now I have a Spring Web Service that uses SimplePasswordValidationCallbackHandler and the same AuthenticationManager / Provider configuration as above (except for the http namespace configuration which has all my custom filter logic).
    I would like to do a similar activity to authenticate a user completely only if their ip addresses match when authenticating in a Web Service.
    I pass the username and password in the SOAP headers and authentication happens without any issues.
    Any thoughts if i can reuse my existing configuration here for the AuthenticationDetailsSource and Custom filter. Is this even achievable or am I on a completely different track here?