Reputation: 2273
SpringSecurity without having to define the filter section in the web.xml
I'd like to use SpringSecurity in my webapplication without having to define the filter section in the web.xml, but using a Spring handler interceptor which delegates the call to the FilterChainProxy, which is DelegatingFilterProxy of SpringSecurity.
Basically I wouldn't like to alter the flow of execution of the chain of filters in SpringSecurity but make the request starting from my handler interceptor.
Any idea?
Upvotes: 3
Views: 153
Answers (1)
Reputation: 22742
It's not possible to do this properly from a handler interceptor, since it has no concept of a FilterChain. So you could feed the request into a Spring Security filter chain, but there is no way of passing on the request which it spits out the other end. Since Spring Security uses request wrappers, any functionality which depended on them would be lost. Any integration would have to be done at the dispatcher servlet level.
You might want follow this issue which covers exactly what you're asking for.
Upvotes: 2
Related Questions
- How to apply Spring Security filter only on secured endpoints?
- Is a filter necessary when using SpringSecurity?
- How to write a custom filter in spring security?
- Spring security custom authentication filter without web.xml
- Configuring a filter within a WebSecurityConfigurerAdapter
- Security configuration without XML with custom filters?
- How to Disable Spring Security Filters
- Spring Security Filters
- Spring: Is it possible to place your filter mappings in application-security.xml instead of web.xml?
- extend spring security filter chain