How to replace UserPasswordAuthenticationFilter in Spring Security

Question

How to replace UserPasswordAuthenticationFilter in Spring Security

Using an XML configuration will look like

<custom-filter position="FORM_LOGIN_FILTER" ref="SCAAuthenticationFilter" />.

Without XML, it would look like this:

httpSecurity.addFilter(new SCAAthenticationFilter())

Spring doesn't seem to replace UsernamePasswordAuthenticationFilter , but it adds my filter earlier.

+4

java spring spring-security

Sandro simas May 22, '14 at 21:40

source share

2 answers

zydor · Answer 1 · 2016-08-16T21:42:40+0000

If you look at FormLoginConfigurer, you will see that the UsernamePasswordAuthenticationFilter is created and inserted into the AbstractAuthenticationFilterConfigurer constructor, then there it is assigned to the final F authFilter, so there is no way to replace it in Spring Security 4.1

addFilter () will simply add another filter to the filter list

Shaun the Sheep · Answer 2 · 2014-09-11T12:24:36+0000

, <form-login> <http auto-config="true"> . , Spring UsernamePasswordAuthenticationFilter . URL- - , , , .

How to replace UserPasswordAuthenticationFilter in Spring Security

More articles: