Spring security custom filter called twice for REST Controller
Question
I implemented a custom Spring Security Filter to have a custom Authentication system. This works fine.
To configure my filter I used this config:
@Override
protected void configure(HttpSecurity http) throws Exception {
http.antMatcher("/api/**")
.csrf()
.disable()
.headers()
.frameOptions()
.disable()
.and()
.sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.authorizeRequests()
.antMatchers("/api/**")
.authenticated().and().addFilterBefore(new MyTokenAuthFilter(), AbstractPreAuthenticatedProcessingFilter.class);
If I try to put a breakpoint into this filter I see that the method doFilterInternal will be called twice for each REST request. Strange.. Any suggestion?
1 answers
solution1
0 ACCPTED 2020-04-06 07:28:09
For those who encounter this problem I found the cause:
I declared my custom filter as @Component.
This is not necessary and this will produce a twofold filter registration in my case.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
spring security custom AuthenticationProvider is called twice and fails
Spring Security: AuthenticationProcessingFilter is called twice
Spring Security - Custom filter - Rest call from within the Custom Filter in Spring Security
Spring controller method called twice
Spring security - Custom filter and entry point for rest service
Spring Security custom filter
Spring boot filter called twice or not called at all
Spring REST API controller is not called
Spring security custom LogoutHandler not called
Testing Spring rest controller with Spring Security OAuth
Related Tags