spring


Spring Security Filter is not being triggered by configuration


I am configuring the security of my REST and I don't know how I can secure my methods, however allowing a filter to trigger to set my Authority
http
.authorizeRequests()
.antMatchers(PERSISTENCE_SERVICE_URL)
.hasAuthority(AUTHORITY_PERSISTENCE_SERVICE)
.and()
.csrf()
.disable();
And in my Filter which extends OncePerRequestFilter does something like this
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
this.authenticationImpl.init();
String jwt = request.getHeader("jwt");
String refresh = request.getHeader("refresh");
if(jwt != null) {
this.jwtPropertyExtractor.commitJwt(jwt, refresh);
String jwtId = this.jwtPropertyExtractor.getIdentityId();
String securityRole = this.jwtPropertyExtractor.getSecurityRole();
this.authenticationImpl.setIdentityId(jwtId);
this.authenticationImpl.updateSecurityRole(securityRole);
SecurityContextHolder.getContext().setAuthentication(this.authenticationImpl);
}
filterChain.doFilter(request, response); }
So when I place .hasAuthority(AUTHORITY_PERSISTENCE_SERVICE) in my configuration, my filter is not even being triggered but i need him to set my authentication.
Ok i added
.addFilterBefore(jwtAuthorisationFilter(),
BasicAuthenticationFilter.class);
}
#Bean
public JwtAuthorisationFilter jwtAuthorisationFilter() {
return new JwtAuthorisationFilter(jwtExtractor(),
authenticationImpl());
}
Now its working fine thx for that hint :>

Related Links

Autowired Environment is null in #Configuration-annotated classes
Hide certain fields from a spring request body in swagger
Spring Boot unabe to serve static image from resource folder
CDI #ViewScoped bean functionality unavailable
Passing NT Credentials to org.apache.commons.httpclient.HttpClient (Spring RestTemplate Dependency)
#RequestParam annotation at class level not working as expected
Who maintain the session - Is it application framework or application server?
Spring, switch property file depending on profile
Why I am getting NoSuchBeanDefinitionException when I deploy my Spring application in Tomcat?
How to disable the 'Authentification required popup' in Spring server configuration?
Getting javax.transaction.TransactionManager exception when processing the jms message in another thread
OAuth2: separate clients (browsers/sessions) which uses same credentials?
Spring FTP Integration : Very slow when remote directory is having 5000000 files
Spring Boot Persistence
set heartbeat property on rabbitmq autoconfig connectionfactory bean
Spring MVC multiple views in multiple locations

Categories

HOME
spring
laravel-5
payment-gateway
avro
visualization
cocos2d-x-3.0
travis-ci
ll
devstack
jboss-eap-7
x11
hashicorp-vault
webmethods
spring-cloud-config
plsqldeveloper
thingsboard
tarantool
novnc
philips-hue
skmaps
percentage
helix-3d-toolkit
outsystems
hotmail
qtablewidget
rider
vmd
lexical-analysis
cgo
jupyter-console
xbim
archer
rdw
amazon-machine-learning
web-deployment-project
quintus
iphone-developer-program
date-range
adler32
mailcatcher
mix
excon
boost-hana
spatial-query
fps
supportmapfragment
post-processing
mfc-feature-pack
xmp
except
function-fitting
geodjango
integral
prezto
leadtools-sdk
pgm
stackframe
lexicographic
docopt
log4cplus
csplit
funkload
level
ssms-addin
phpdocx
codeigniter-a3m
joox
chrome-for-android
baucis
argb
iconv
resgen
vertical-scrolling
abnf
css-tables
wcf-web-api
msgbox
cross-domain-policy
curljs
printing-web-page
gtk2hs
testunit
getresource
hardware-acceleration
yajl
clients
filetime
plinq
opcodes
database-diagramming
associativity

Resources

Mobile Apps Dev
Database Users
javascript
java
csharp
php
android
MS Developer
developer works
python
ios
c
html
jquery
RDBMS discuss
Cloud Virtualization
Database Dev&Adm
javascript
java
csharp
php
python
android
jquery
ruby
ios
html
Mobile App
Mobile App
Mobile App