Spring Security HTTP Basic Authentication

Question

I am trying to do a really simple basic authentication with Spring Security. I have configured the namespace properly and there are no Exceptions in the server. In my \"serv

Answer 1

Auto-answer

T_T Two days of hitting my head against the code for this...

Looks like it is not a problem of the code. I was using Weblogic with it and Weblogic captures the requests with the "authorization" header, so it doesn't get to my authentication-manager. I tried it with glassfish, and it works perfectly.

Searching for some info, I found an useful entry in the next blog: http://yplakosh.blogspot.com/2009/05/how-to-fix-basic-authentication-issue.html

Adding the next line in the config.xml from my Weblogic server(<security-configuration> section):

<enforce-valid-basic-auth-credentials>false</enforce-valid-basic-auth-credentials>

Weblogic will not catch the basic authentication credentials again, so it will be your authentication-manager who will handle it.

I hope it can save some time to anyone :-)

Answer 2

try:

<http auto-config="true>
   <security:intercept-url method="POST" pattern="/**" access="ROLE_USER" />
   <http-basic />
</http>