Spring Security 3.2.1 Multiple login forms with distinct WebSecurityConfigurerAdapters

Question

I\'m using Spring Security 3.2.1.RELEASE with Spring MVC 4.0.4.RELEASE

I\'m trying to setup Spring Security for a web application that will have two distinct login

Answer 1

I also encountered this problem and found out that I missed the first filtering part.

This one:

http.csrf().disable()
    .authorizeRequests()
    .antMatchers("/admin/**").hasRole("ADMIN")

Should be:

http.csrf().disable()
    .antMatcher("/admin/**")
    .authorizeRequests()
    .antMatchers("/admin/**").hasRole("ADMIN")

Adding the first filtering .antMatcher("/admin/**") will first filter it so that it will use the AdminFormLoginWebSecurity instead of the other one.