Spring Security
  1. Spring Security
  2. SEC-53

Avoid reauthentication in Basic and Digest authentication processing filters

    Details

    • Type: Improvement Improvement
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 0.8.2, 0.8.3
    • Fix Version/s: 0.9.0
    • Component/s: Core
    • Labels:
      None
    • Environment:
      All

      Description

      Check the SecurityContextHolder for an authenticated Authentication and reuse it in that case, do not call the authentication manager again.

        Issue Links

          Activity

          Hide
          Ben Alex added a comment -

          BasicProcessingFilter modified to support requested behaviour.

          Due to complexities of how nonces work within DigestProcessingFilter, this behaviour cannot be implemented within the existing Digest implementation approach.

          Show
          Ben Alex added a comment - BasicProcessingFilter modified to support requested behaviour. Due to complexities of how nonces work within DigestProcessingFilter, this behaviour cannot be implemented within the existing Digest implementation approach.

            People

            • Assignee:
              Ben Alex
              Reporter:
              Fernando Mato Mira
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: