Using expressions for <security:http fails in latest oauth2 codebase

**bjornharvold** · Oct 28th, 2011, 10:29 AM

I'll start commenting stuff out to see if I can figure out the discrepancy.

**bjornharvold** · Nov 4th, 2011, 09:38 AM

Figured out what the problem was on this one. Setting <http auto-config="true" registers a basic authentication filter which subsequently fails, when trying to run the NativeApplicationProviderIntegrationTest. The basic filter picks up the my-trusted-client as the user to authenticate with and fails.

How can we avoid this? Can we bypass this limitation somehow?

**Dave Syer** · Nov 5th, 2011, 02:54 AM

It seems like you just need to switch off the auto-config? It isn't very useful in practice, as you have demonstrated. If you actually need the basic auth for some reason maybe we can deal with that as a separate requirement?

**bjornharvold** · Nov 5th, 2011, 06:15 AM

Hi Dave,

That's what I did. Good for now. Thanks for your help.

Cheers
bjorn

Thread: Using expressions for <security:http fails in latest oauth2 codebase

Thread Tools

Display

Posting Permissions