I want to configure Spring Security to enable both BASIC and DIGEST authentication for the same set of URL's, but it's unclear whether or not this is possible. I see that I need to enable multiple AuthenticationEntryPoint instances to set the appropriate HTTP headers, but I don't see any built in classes to accomodate this. DelegatingAuthenticationEntryPoint comes close, but ultimately it only selects one entry point.
I 开发者_StackOverflowimplemented a custom AuthenticationEntryPoint that calls the commence method on a supplied list of AuthenticationEntryPoint instances, but it eventually throws an IllegalStateException because each AuthenticationEntryPoint calls sendError (which I gather is not allowed).
Is there any way to do this without implementing a completely custom entry point?
Id did it by configuring Spring security for Digest authentication only, and then adding a BasicProcessingFilter manually at the beginning of the filter chain, as explained There
<bean id="basicProcessingFilter" class="org.springframework.security.ui.basicauth.BasicProcessingFilter">
<property name="authenticationManager"><ref bean="authenticationManager"/></property>
<security:custom-filter before="AUTHENTICATION_PROCESSING_FILTER"/>
<property name="authenticationEntryPoint"><ref bean="authenticationEntryPoint"/></property>
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论