Spring Security
  1. Spring Security
  2. SEC-1758

Can't disable filters on /** intercept-url pattern

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Minor Minor
    • Resolution: Won't Fix
    • Affects Version/s: 3.0.5
    • Fix Version/s: None
    • Component/s: Web
    • Labels:
    • Environment:
      JBoss 5.1.0.GA

      Description

      Steps to reproduce:

      1. Create a simple namespace configuration containing only one intercept-url definition:
      <http auto-config="false" use-expressions="true" entry-point-ref="entryPoint">
      <intercept-url pattern="/**" filters="none" />

      <custom-filter position="FORM_LOGIN_FILTER" ref="myFilter" /> <!-- this might not be needed -->
      </http>

      2. Enable debug log
      3. Access any application url

      You should be redirected to the entryPoint URL. You should also be able to see the filter chain being executed in the debug log.

      Desired behaviour:

      The filter chain should not be executed on any application URL.

        Activity

        Hide
        Luke Taylor added a comment -

        As I said in the forum, you can't do this because the namespace only creates one filter chain, which applies to all requests. So adding filters="none" would be the equivalent of omitting the <http> configurations altogether. The syntax isn't supported in 3.1 where you are free to define multiple filter chains.

        Show
        Luke Taylor added a comment - As I said in the forum, you can't do this because the namespace only creates one filter chain, which applies to all requests. So adding filters="none" would be the equivalent of omitting the <http> configurations altogether. The syntax isn't supported in 3.1 where you are free to define multiple filter chains.

          People

          • Assignee:
            Luke Taylor
            Reporter:
            Simeon Iliev
          • Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: