Spring Security / SEC-1250

RequestHeaderPreAuthenticatedProcessingFilter cannot be used to fall back to another authentication type

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.0.4
    • Fix Version/s: 3.0.0 RC1
    • Component/s: None
    • Labels:
      None
    • Environment:
      LemonLDAP::NG (http://lemonldap.ow2.org) as a WebSSO product

      Description

      Hello,

      I use preauth to get the connected user through an HTTP header. This works fine, but I would like to be able to fall back to another authentication method if no header is present. The goal is to be able to manage users connected with the WebSSO and others accessing the application directly.

      There are no security problems because we manage different virtual hosts to protect the webapp (one virtual host is handled by the WebSSO, another checks that the user does not forge their own headers and connects directly to the webapp).

      I attach a class that we made to extend RequestHeaderPreAuthenticatedProcessingFilter, but I think it would be nice to have a parameter like "ContinueWithoutHeader", which would be false by default.

      We can provide any help to solve this.

      Thank you,

      Clément.

          Activity

          Luke Taylor added a comment -

          I've added a property called "exceptionIfHeaderMissing" which controls whether an exception will be raised by the getPreAuthenticationPrincipal method.

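          As an added example (not code from this issue or from the Spring Security project): a subclass that sets `exceptionIfHeaderMissing` to false so that later authentication filters can run when the header is absent, and that accepts the header only on requests relayed by the SSO proxy. The class name, the header name passed in and the trusted proxy address set are assumptions.

```java
import java.util.Set;
import javax.servlet.http.HttpServletRequest; // jakarta.servlet.* on Spring Security 6+
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.web.authentication.preauth.RequestHeaderPreAuthenticatedProcessingFilter;

/**
 * Hypothetical subclass (name and constructor are assumptions for this example).
 * Header-based pre-authentication with fallback: a missing header is not an
 * error, and a header arriving from anywhere but the SSO proxy is ignored.
 */
public class ProxyOnlyHeaderPreAuthFilter extends RequestHeaderPreAuthenticatedProcessingFilter {

    // Addresses of the WebSSO reverse proxy, e.g. "10.0.0.5" (constructed value).
    private final Set<String> trustedProxies;

    public ProxyOnlyHeaderPreAuthFilter(AuthenticationManager authenticationManager,
                                        String principalHeader,
                                        Set<String> trustedProxies) {
        this.trustedProxies = trustedProxies;
        setAuthenticationManager(authenticationManager);
        setPrincipalRequestHeader(principalHeader);
        // Property added for this issue: do not throw when the header is
        // absent, so the filter chain continues to form login, basic auth, etc.
        setExceptionIfHeaderMissing(false);
    }

    @Override
    protected Object getPreAuthenticatedPrincipal(HttpServletRequest request) {
        // A client that reaches the application directly can set any header it
        // likes. Only the immediate peer address of the SSO proxy is trusted.
        if (!trustedProxies.contains(request.getRemoteAddr())) {
            return null; // no pre-auth attempted; other filters decide
        }
        Object principal = super.getPreAuthenticatedPrincipal(request);
        // Treat an empty header value the same as a missing one.
        if (principal instanceof String && ((String) principal).trim().isEmpty()) {
            return null;
        }
        return principal;
    }
}
```

          Returning null from `getPreAuthenticatedPrincipal` leaves the request unauthenticated by this filter, so whichever authentication filters follow it in the chain handle the direct-access users.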

            People

            • Assignee:
              Luke Taylor
              Reporter:
              Clement OUDOT