Aug 29th, 2011, 04:23 PM
Spring Security and Tomcat 6 Advanced IO
We have a web app based on spring mvc and spring security. I am working on a part of this web app for which I need to use the Tomcat's Advanced IO(http://tomcat.apache.org/tomcat-6.0-doc/aio.html). I am using CometProcessor for pushing notifications from the server to client. Hence for this part I have moved away from the spring-mvc part. I have developed a servlet which extends HttpServlet and implements CometProcessor. This part works well w/o the spring security authentication. This is because spring security uses servlet filters and Comet requires CometFilters. I want to use spring security authentication for this part as other stuff works well with spring security authentication. My first impression is to have a comet filter variant for all the Spring security filters, but this is not a elegant solution. Also, I tried doing it for some basic filters but it doesn't seem to work. So please help me in getting to a solution to this problem.
Jan 8th, 2013, 12:15 PM
We had a similar issue when we tried to make Atmosphere work with Wicket and SpringSecurity. Atmosphere defines a servlet which implements CometProcessor. Wicket and SpringSecurity are normally two filters defined in web.xml. We created our custom filter chain and delegated to it from the servlet. The filters were initialized programmatically.
Originally Posted by sudeepster