Handling both form and HTTP basic authentication with different sources

Question

I already have form login and Basic auth working side by side with the help of a DelegatingAuthenticationEntryPoint.

What I\'m trying to do is have users coming thru

Answer 1

Depending on your app and whether you're using Spring Security 3.1, you might be best to split the configuration into multiple filter chains, each with a separate authentication manager defined:

Instead of the pattern attribute you can also use the request-matcher-ref attribute to specify a RequestMatcher instance which will be used to map incoming requests to a particular filter chain. This has a very simple interface, but can allow you to match based on something other than the URL path, such as the Accept header.