For the project, I am trying to use Spring Security 3.2 as the base security. Since this project is already running, I already have a different (own) level of security. Consequently, I made an authenticationprovider customer to melt security levels. Works well until I need to do basic anonymous authentication ( Spring Security Documentation, Chapter 13 ).
So, I created my own filter and removed the orignal filter:
<http request-matcher="regex" use-expressions="true"> <anonymous enabled="false" /> <custom-filter ref="anonymousAuthFilter" position="ANONYMOUS_FILTER"/> ... </http>
bean:
<beans:bean id="anonymousAuthFilter" class="own.package.auth.SecurityAnonymousAuthenticationFilter"> <beans:property name="key" value="anonymousKey "/> <beans:property name="userAttribute" value="anonymous,ROLE_ANONYMOUS"/> </beans:bean>
and te Java Class:
public class SecurityAnonymousAuthenticationFilter extends GenericFilterBean implements InitializingBean { public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException { logger.info("Entering doFilter method");
The problem is that the doFilter method is not called when the server requests. However, the init method afterPropertiesSet () is called ... Does anyone understand why my customFilter does not start?
PS I called delegating FilterProxy in the web.xml file, so no problem.
source share