Results 1 to 5 of 5

Thread: filter-chains

  1. Jan 17th, 2011, 04:43 PM #1
    sseaman
    sseaman is offline Junior Member
    Join Date
    Jan 2011
    Posts
    14

    Default filter-chains

    I have a project where I have to authenticate two different ways. One from a cookie, one from Flex.

    I've got the filter-chain working for the cookie but I'm not sure how flex does it's authentication (I think BASIC). If I remove my filter chains and just do Flex then security works.

    So my question is: What is the default filter chain (I think I found it at http://static.springsource.org/sprin...custom-filters) and more importantly, what are the default bean definitions for the filters?

    My hope it just to define a chain that is the same as the default chain and then remove pieces till I get it down to just what I need.

    Thing is, I'm having trouble finding the default bean definitions...
    Reply With Quote Reply With Quote
  2. Jan 17th, 2011, 04:59 PM #2
    amiladomingo
    amiladomingo is offline Senior Member
    Join Date
    Dec 2010
    Location
    Singapore
    Posts
    284

    Default

    This is a good read http://blog.springsource.com/2010/03...ity-namespace/
    Amila Domingo
    Reply With Quote Reply With Quote
  3. Jan 17th, 2011, 05:42 PM #3
    sseaman
    sseaman is offline Junior Member
    Join Date
    Jan 2011
    Posts
    14

    Default Read it before...

    I read that article before and it does give a good overview but it doesn't cover all of the beans (such as BasicAuthenticationFilter).

    It was very helpful for the cookie chain, but it comes up a little short for the rest.

    I wonder if there is something in the jar's that has all the information?

    Thanks!
    Reply With Quote Reply With Quote
  4. Jan 17th, 2011, 08:28 PM #4
    pmularien
    pmularien is offline Senior Member
    Join Date
    Sep 2004
    Location
    Manchester, NH
    Posts
    1,236

    Default

    If you start with the HttpConfigurationBuilder (assuming you are using Spr Sec 3), and walk through all the beans it creates, you should have a fairly good idea of all the bits that are involved in the default filter chain. Also, stepping through a full request in a debugger is enormously insightful. This level of detail really wouldn't be documented in the high-level documentation, since most people are unlikely to get to this kind of detail in day-to-day use.

    Hope that helps! Ping back if you have further questions once you start digging...
    Peter Mularien | Blog
    Author, Spring Security 3 (Book) - Packt Publishing, Available in print and eBook form
    SCJP 5, Oracle DBA
    Any postings are my own opinion, and should not be attributed to my employer or clients.
    Reply With Quote Reply With Quote
  5. Jan 18th, 2011, 07:38 AM #5
    Luke Taylor
    Luke Taylor is offline Senior Member Acegi Security System TeamSpring Team
    Join Date
    Aug 2004
    Location
    Glasgow, Scotland
    Posts
    3,449

    Default

    Another obvious way to view the filter chain is to use a stacktrace - e.g. from the debug log when the initial access to a secured resource fails.

    If you use 3.1, the debug filter (added by using the <debug /> element) will also report the filter stack for each request, or you can directly introspect the FilterChainProxy once it is created.

    The filter stack will vary depending on which features you enable and can also be different for different requests (i.e. there can be multiple filter chains).
    Spring - by Pivotal
    twitter @tekul
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules