Spring Security HTTP Basic Authentication

by

Auto-answer

T_T Two days of hitting my head against the code for this…

Looks like it is not a problem of the code. I was using Weblogic with it and Weblogic captures the requests with the “authorization” header, so it doesn’t get to my authentication-manager. I tried it with glassfish, and it works perfectly.

Searching for some info, I found an useful entry in the next blog:
http://yplakosh.blogspot.com/2009/05/how-to-fix-basic-authentication-issue.html

Adding the next line in the config.xml from my Weblogic server(<security-configuration> section):

<enforce-valid-basic-auth-credentials>false</enforce-valid-basic-auth-credentials>

Weblogic will not catch the basic authentication credentials again, so it will be your authentication-manager who will handle it.

I hope it can save some time to anyone 🙂

More Related Contents:

  1. Selenium – Basic Authentication via url
  2. Spring Security : Multiple HTTP Config not working
  3. How to fix role in Spring Security?
  4. How to create custom methods for use in spring security expression language annotations
  5. Spring Security Configuration – HttpSecurity vs WebSecurity
  6. Configuring Spring Security 3.x to have multiple entry points
  7. Spring Boot 2.0.x disable security for certain profile
  8. How to manage exceptions thrown in filters in Spring?
  9. Disable Spring Security for OPTIONS Http Method
  10. Logging user activity in web app
  11. Multiple WebSecurityConfigurerAdapters: JWT authentication and form login in spring security
  12. HttpSecurity, WebSecurity and AuthenticationManagerBuilder
  13. How to check “hasRole” in Java Code with Spring Security?
  14. Logout/Session timeout catching with spring security
  15. Spring security does not allow CSS or JS resources to be loaded
  16. how to display custom error message in jsp for spring security auth exception
  17. Spring Security 5 : There is no PasswordEncoder mapped for the id “null”
  18. Securing Spring Boot API with API key and secret
  19. Spring Security multiple url ruleset not working together
  20. JAAS for human beings
  21. Spring Security HTTP Basic for RESTFul and FormLogin (Cookies) for web – Annotations
  22. Spring security added prefix “ROLE_” to all roles name?
  23. Why this Spring application with java-based configuration don’t work properly
  24. How to reload authorities on user update with Spring Security
  25. How do I disable resolving login parameters passed as url parameters / from the url
  26. HttpClientBuilder basic auth
  27. Spring security @PreAuthorize hasRole() properties injection
  28. How to secure REST API with Spring Boot and Spring Security?
  29. Why BCryptPasswordEncoder from Spring generate different outputs for same input?
  30. Cross-Origin Resource Sharing with Spring Security

Leave a Comment