Geek Answers Handbook

Multiple pre-filters in Spring Security?

I need to have several PRE_AUTH Spring Security filters. In particular, I need to use the PRE_AUTH filter in addition to the two filters configured as PRE_AUTH in the SAML extension on Spring Security 3.0. The following is an existing SAML configuration.

 <security:http entry-point-ref="samlEntryPoint"> <!-- snip intercepts --> <security:custom-filter after="BASIC_AUTH_FILTER" ref="samlProcessingFilter"/> <security:custom-filter before="PRE_AUTH_FILTER" ref="samlEntryPoint"/> <security:custom-filter position="PRE_AUTH_FILTER" ref="metadataFilter"/> <security:custom-filter after="LOGOUT_FILTER" ref="samlLogoutFilter"/> <security:custom-filter before="LOGOUT_FILTER" ref="samlLogoutProcessingFilter"/> </security:http>

The optional PRE_AUTH filter must be checked before any of the existing filters (that is: a user authenticated using this authentication method should not be allowed to use SAML.

I decided to change it as follows.

 <!-- snip --> <security:custom-filter before="PRE_AUTH_FILTER" ref="newPreAuthFilter"/> <security:custom-filter position="PRE_AUTH_FILTER" ref="samlEntryPoint"/> <security:custom-filter after="PRE_AUTH_FILTER" ref="metadataFilter"/> <!-- snip -->

Whether this will work or a more complex solution is required.

+4
source share
2 answers

A very old question, but still relevant. Use the composite filter from spring:

 <security:custom-filter before="PRE_AUTH_FILTER" ref="compositeAuthFilter"/> <bean id="compositeAuthFilter" class="org.springframework.web.filter.CompositeFilter"> <property name="filters"> <list> <ref bean="airlockAuthFilter"/> <ref bean="samlEntryPoint"/> <ref bean="metadataFilter"/> </list> </property> </bean>
+8
source

It seems like this is possible in Spring 3.1. See This fooobar.com/questions/565121 / .... Hope this helps.

0
source

More articles:


All Articles