Reputation: 2828
Spring security adding filter before authentication filter
I need to implement REST Basic authentication in my application. In which the request will contain a header with the value of the username:password encrypted to base64.
My application uses DaoAuthenticationProvider. This way, the provider expects username & password in order to do the authentication process.
From the configuration of the authentication filter, I saw that the filter has two properties (usernameParameter and passwordParameter). In my case, the username and password will not be sent as parameters so I thought to have a filter before the authentication processing filter which retrieve the required data from the request header, then pass it to the next filter.
My questions:
- Is this the proper way to do rest basic authentication? Or there are any other ways?
- Is there any example for having a custom filter before the authentication processing filter?
Upvotes: 0
Views: 2627
Answers (1)
Reputation: 58124
You're probably looking at the wrong filter because there is one that does HTTP basic auth already (see e.g. docs here). Example:
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.anyRequest().authenticated()
.and()
.httpBasic();
}
Upvotes: 1
Related Questions
- How to create a custom authentication filter in Spring Security?
- Spring Security Custom Authentication Filter and Authorization
- Adding a custom filter to authentication process in Spring Security
- Spring security authentication Filter Exception
- How to use filters in spring security and develop Authentication in filters
- How to configure custom authentication filter in spring security - using java config
- Spring Security custom authentication filter using Java Config
- Custom authenticationFilter Spring Security 3.2
- Spring Security Filters
- How to combine authentication filters in spring