For a project I try to use Spring Security 3.2 as base security. Because this project is already up and running I do already have a other (own) security layer. Hence I made a custom authenticationprovider to melt the security layers. Works fine, till I also needed to make a custom anonymous authentication (Spring Security Documentation, chapter 13).
So I made a custom filter and removed the orignal filter:
<http request-matcher="regex" use-expressions="true">
<anonymous enabled="false" />
<custom-filter ref="anonymousAuthFilter" position="ANONYMOUS_FILTER"/>
...
</http>
the bean:
<beans:bean id="anonymousAuthFilter" class="own.package.auth.SecurityAnonymousAuthenticationFilter">
<beans:property name="key" value="anonymousKey "/>
<beans:property name="userAttribute" value="anonymous,ROLE_ANONYMOUS"/>
</beans:bean>
and te Java Class:
public class SecurityAnonymousAuthenticationFilter extends GenericFilterBean implements InitializingBean {
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
logger.info("Entering doFilter method");
//implementation code here
}
//other methods
}
The problem is that the doFilter method is not called when requesting the server. However the init method afterPropertiesSet() is being called... Does anyone understand why my customFilter is not fired?
P.S. I do have named the delegatingFilterProxy in the web.xml file, so that's not the problem.
Since the ANONYMOUS_FILTER
is a namespace related filter. You have to avoid any namespace tag that references to the specific filter psoition:
<http auto-config='false' request-matcher="regex" use-expressions="true">
<custom-filter ref="anonymousAuthFilter" position="ANONYMOUS_FILTER"/>
...
</http>
For further reference see the Spring security documentations in section 2.3.5: http://static.springsource.org/spring-security/site/docs/3.0.x/reference/ns-config.html
Edit: And for sure leave the <anonymous-enabled=false/>
tag.
Edit 2: Corrected my answer. This configuration should work. If not, well than we need to start looking at a bigger picture and you'd have to post more of your app, starting with the complete config.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With