SEC-1235: The order of the filter chain breaks if you mix variables and hard coded patterns #1482

spring-issuemaster opened this Issue Sep 3, 2009 · 1 comment


None yet

1 participant


Tony Lowe (Migrated from SEC-1235) said:

When you put together a list of items the framework orders them based on the order in the XML (top to bottom). If you add variables within the mix though, it reorders the list to put the variable items 'last'. For instance

    <security:filter-chain-map path-type="ant">
        <security:filter-chain pattern="${authentication.success.filter}*" filters="httpSessionContextIntegrationFilter, exceptionTranslationFilter,authenticationProcessingFilter, inaraUserPrepFilter, filterSecurityInterceptor"/>

inaraUserPrepFilter, filterSecurityInterceptor"/>-->
<security:filter-chain pattern="${app.logout}" filters="logoutFilter"/>
<security:filter-chain pattern="/**" filters="httpSessionContextIntegrationFilter"/

Gives an error that the /** must be last. If you make them all variables then it works fine. This is fairly trivial, and probably could just be fixed with documentation, but it did take some time to sort out what was happening.


Luke Taylor said:

I can't reproduce this behaviour with the current trunk. There isn't any code I'm aware of where the use of placeholders would cause any re-ordering of the map. If it did then that would be a bug. Can you provide a test case which reproduces the issue?

@spring-issuemaster spring-issuemaster added this to the 3.0.0 RC1 milestone Feb 5, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment