If you use the context propagation, you don't need the basic http authentication on the server side, as it will be overriden by the authentication in the remote call anyway: the filter sets the authentication on the call based on the http usename and pass, but the remote invocation overrides the previously set authentication. So you don't need to do every call using HTTP username and pass.
So if you know that every call to your HTTP invoker proxy will be done with context propagation, you don't need to use the DelegatingFilter (you can keep using it though). But if you don't know, the safe bet is to keep the DelegatingFilterProxy. But if you use context propagation AND the http authentication, you'll need to provide a way so that non-http authenticated calls (but which contain a embedded security context) still get through. In other words, you'll have to enable anonymous access.
MSN: PM me please
Spring Rich Client Project Lead