Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Already on GitHub? Sign in to your account

SEC-1235: The order of the filter chain breaks if you mix variables and hard coded patterns #1482

spring-issuemaster opened this Issue Sep 3, 2009 · 1 comment


None yet
1 participant

Tony Lowe (Migrated from SEC-1235) said:

When you put together a list of items the framework orders them based on the order in the XML (top to bottom). If you add variables within the mix though, it reorders the list to put the variable items 'last'. For instance

    <security:filter-chain-map path-type="ant">
        <security:filter-chain pattern="${authentication.success.filter}*" filters="httpSessionContextIntegrationFilter, exceptionTranslationFilter,authenticationProcessingFilter, inaraUserPrepFilter, filterSecurityInterceptor"/>

inaraUserPrepFilter, filterSecurityInterceptor"/>-->
<security:filter-chain pattern="${app.logout}" filters="logoutFilter"/>
<security:filter-chain pattern="/**" filters="httpSessionContextIntegrationFilter"/

Gives an error that the /** must be last. If you make them all variables then it works fine. This is fairly trivial, and probably could just be fixed with documentation, but it did take some time to sort out what was happening.

Luke Taylor said:

I can't reproduce this behaviour with the current trunk. There isn't any code I'm aware of where the use of placeholders would cause any re-ordering of the map. If it did then that would be a bug. Can you provide a test case which reproduces the issue?

@spring-issuemaster spring-issuemaster added this to the 3.0.0 RC1 milestone Feb 5, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment