Uploaded image for project: 'Spring Security'
  1. Spring Security
  2. SEC-53

Avoid reauthentication in Basic and Digest authentication processing filters

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 0.8.2, 0.8.3
    • Fix Version/s: 0.9.0
    • Component/s: Core
    • Labels:
      None
    • Environment:
      All

      Description

      Check the SecurityContextHolder for an authenticated Authentication and reuse it in that case, do not call the authentication manager again.

        Issue Links

          Activity

          Hide
          balex Ben Alex added a comment -

          BasicProcessingFilter modified to support requested behaviour.

          Due to complexities of how nonces work within DigestProcessingFilter, this behaviour cannot be implemented within the existing Digest implementation approach.

          Show
          balex Ben Alex added a comment - BasicProcessingFilter modified to support requested behaviour. Due to complexities of how nonces work within DigestProcessingFilter, this behaviour cannot be implemented within the existing Digest implementation approach.

            People

            • Assignee:
              balex Ben Alex
              Reporter:
              matomira Fernando Mato Mira
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: