I'm using the current release of spring (3.0.5) ans spring security for my webapplication.
The application can be called from two different ways:
1. PreAuthenticatedAuthenticationProvider: the request contains an "iv-user" parameter with the username of the current user (already authenticated by another application) - this way works fine.
2. Webservice call: until now this call was not secured and workes also fine, but from now the security should be handled by spring security using basic authentication.
I don't know how to configure spring security in the server application depending on the URI. I've already tried this:
But I don't know how to proceed, to secure the webservice with basic authentication, e.g where to define the username and password.
<beans:bean id="springSecurityFilterChain" class="org.springframework.security.web.FilterChainProxy" >
<filter-chain pattern="/pages/**" filters="
<filter-chain pattern="/webservice/**" filters="
Thanks for your help,