Announcement Announcement Module
Collapse
No announcement yet.
Adding filter to java config with multiple WebSecurityConfigurerAdapters Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Adding filter to java config with multiple WebSecurityConfigurerAdapters

    Hi all,

    From the documentation, one can mimic multiple <http> elements in the java config by extending WebSecurityConfigurerAdapter multiple times. I've done this, and added a couple custom filters to just one of them, but the odd thing is that the filters seem to be applied to all requests, even ones it shouldn't be matching. Here is a sample of my config:

    Code:
    @Configuration
    class ConfigA extends WebSecurityConfigurerAdapter {
        public void configure(HttpSecurity http) {
            http
              .antMatcher("/foo")
              .authorizeRequests()
                   .anyRequest().fullyAuthenticated()
                  .and()
             .addFilterAfter(myFilter, BasicAuthFilter.class)
            ...
       }
    }
    
    @Configuration
    class ConfigB extends WebSecurityConfigurerAdapter {
        public void configure(HttpSecurity http) {
            http
              .antMatcher("/bar")
              .authorizeRequests()
                   .anyRequest().fullyAuthenticated()
                  .and()
    ‚Äč         ...
       }
    }
    What am I missing? Is this by design that that filter is applied to both/all requests? Is the filter itself supposed to figure out which requests it should apply to?

    Thanks,
    Justin
Working...
X