changing properties of UsernamePasswordAuthenticationFilter not working
Hi Guys,
I want my spring security 3 to work also for "get" request so i changed property of postOnly to false for UsernamePasswordAuthenticationFilter to false but its not working
When i debuged i still am not able to processs my get request and i get POST = trueCode:<bean class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter"> <property name="postOnly" value="false"/> <property name="authenticationManager" ref="authenticationManager"/> </bean>
Do i need to override setPostOnly by writing my filter which extends UserNamePasswordAuthenticationFilter and then configure it in my app-servlet.xml
or what is the simplest way for me to setPostOnly as false
also If I need to write my custom filter and need to add it to my order then which order should i follow because
in my application i get this order
while in docs its mentionedCode:position 2 of 9 in additional filter chain; firing Filter: 'LogoutFilter' DEBUG ["http-bio-8080"-exec-4] (FilterChainProxy.java:375) - /login.do at position 3 of 9 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter' DEBUG ["http-bio-8080"-exec-4] (FilterChainProxy.java:375) - /login.do at position 4 of 9 in additional filter chain; firing Filter: 'RequestCacheAwareFilter' DEBUG ["http-bio-8080"-exec-4] (FilterChainProxy.java:375) - /login.do at position 5 of 9 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter' DEBUG ["http-bio-8080"-exec-4] (FilterChainProxy.java:375) - /login.do at position 6 of 9 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter' DEBUG ["http-bio-8080"-exec-4] (AnonymousAuthenticationFilter.java:67) - Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken@6fab4e5e: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffe3f86: RemoteIpAddress: 127.0.0.1; SessionId: 64881782FB3E719FFECC4AD876555D42; Granted Authorities: ROLE_ANONYMOUS' DEBUG ["http-bio-8080"-exec-4] (FilterChainProxy.java:375) - /login.do at position 7 of 9 in additional filter chain; firing Filter: 'SessionManagementFilter' DEBUG ["http-bio-8080"-exec-4] (FilterChainProxy.java:375) - /login.do at position 8 of 9 in additional filter chain; firing Filter: 'ExceptionTranslationFilter' DEBUG ["http-bio-8080"-exec-4] (FilterChainProxy.java:375) - /login.do at position 9 of 9 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
any help will be highly appreciatedCode:CHANNEL_FILTER ChannelProcessingFilter http/intercept-url@requires-channel CONCURRENT_SESSION_FILTER ConcurrentSessionFilter session-management/concurrency-control SECURITY_CONTEXT_FILTER SecurityContextPersistenceFilter http LOGOUT_FILTER LogoutFilter http/logout X509_FILTER X509AuthenticationFilter http/x509 PRE_AUTH_FILTER AstractPreAuthenticatedProcessingFilter Subclasses N/A CAS_FILTER CasAuthenticationFilter N/A FORM_LOGIN_FILTER UsernamePasswordAuthenticationFilter http/form-login BASIC_AUTH_FILTER BasicAuthenticationFilter http/http-basic SERVLET_API_SUPPORT_FILTER SecurityContextHolderAwareFilter http/@servlet-api-provision REMEMBER_ME_FILTER RememberMeAuthenticationFilter http/remember-me ANONYMOUS_FILTER AnonymousAuthenticationFilter http/anonymous SESSION_MANAGEMENT_FILTER SessionManagementFilter session-management EXCEPTION_TRANSLATION_FILTER ExceptionTranslationFilter http FILTER_SECURITY_INTERCEPTOR FilterSecurityInterceptor http SWITCH_USER_FILTER SwitchUserFilter N/A
Reply With Quote
