Have two auth-method for a web application
Hi,
I'm trying to put 2 auth-method using spring security on a web-application. Indeed, I'd like that the servlet A to be authentified using BASIC auth and servlet B using FORM auth.
I try to do this kind of thing in the applicationContext.xml file :
Code:
<http use-expressions="true">
<intercept-url pattern="/A" access="user"/>
<http-basic/>
</http>
<http use-expressions="true">
<intercept-url pattern="/B" access="user"/>
<form-login />
</http>
...
However when I start tomcat I've got the error
Code:
16:22:13.202 [localhost-startStop-1] ERROR o.s.web.context.ContextLoader - Context initialization failed
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.filterChainProxy': Invocation of init metho
d failed; nested exception is java.lang.IllegalArgumentException: A universal match pattern ('/**') is defined before other patterns in the filter chain, causi
ng them to be ignored. Please check the ordering in your <security:http> namespace or FilterChainProxy bean configuration
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1422) ~[spring-be
ans-3.0.7.RELEASE.jar:3.0.7.RELEASE]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:518) ~[spring-beans
-3.0.7.RELEASE.jar:3.0.7.RELEASE]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:455) ~[spring-beans-3
.0.7.RELEASE.jar:3.0.7.RELEASE]
at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:293) ~[spring-beans-3.0.7.RELEASE.jar:3.0.7.RELEAS
E]
Do you know if what I'm trying to do is ok with Spring or should I put the differents servlet in differents WAR files ?
Regards,
Blured.
