Uploaded image for project: 'Spring Security'
  1. Spring Security
  2. SEC-1440

Allow setting of separate entry-point-ref for http-basic namespace element

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Complete
    • Affects Version/s: 3.0.2
    • Fix Version/s: 3.0.3, 3.1.0.M1
    • Component/s: Namespace
    • Labels:
      None

      Description

      After migration to Spring Secuiry 3.0 (from 2.0), our custom EntryPoint, which overrides BasicAuthenticataionEntryPoint, is not being called anymore.
      After some debugging, I think the problem is that BasicAuthenticationFilter catches authentication exception, and then it uses its own BasicAuthenticationEntryPoint (the one which is actually created in "createBasicFilter" method from schema builder), instead of delegating to the main, customized entry point declared in "entry-point-ref" attribute.
      See more detailed description on Spring forum http://forum.springsource.org/showthread.php?p=289354.

        Attachments

          Activity

            People

            Assignee:
            luke Luke Taylor
            Reporter:
            grzegorzborkowski Grzegorz Borkowski
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: