Spring Security HTTP Basic for RESTFul and FormLogin (Cookies) for web - Annotations

Question

In Specific

I want to have HTTP Basic authentication ONLY for a specific URL pattern.

In Detail

I\'m creating an A

Answer 1

I dunno if it can be helpful but I couldn't implement the above solution. I found a workaround defining a single Security

@Configuration class

extending

WebSecurityConfigurerAdapter

with both httpBasic() and formLogin() configured. Then I created a custom

CustomAuthEntryPoint implements AuthenticationEntryPoint

that has this logic in the commence method:

    @Override
    public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException
   {
        String urlContext = UtilityClass.extractUrlContext(request);
        if (!urlContext.equals(API_URL_PREFIX))
        {
            String redirectUrl = "urlOfFormLogin"
            response.sendRedirect(request.getContextPath() + redirectUrl);
       }
        else
        {
            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
        }

Dunno which is the "best practice strategy" about this issue