Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Already on GitHub? Sign in to your account

SEC-1469: Add a Debug/Monitoring Filter #1708

spring-issuemaster opened this Issue Apr 27, 2010 · 3 comments


None yet
1 participant

Luke Taylor (Migrated from SEC-1469) said:

Users are often unaware of how to debug simple things like session-creation, redirects or other simple servlet-api data. It would be possible to add a simple filter using the namespace (e.g. ) which was Spring Security aware and would detect monitor the application for inconsitent behaviour (e.g. creating sessions when the "stateless" option is set) and providing useful extra information for addition to forum posts.

Luke Taylor said:

A better option might be to always register the bean, using a name like "springSecurityDebugFilterChain". Substituting this in the web.xml file would allow the feature to be used, rather than adding an extra namespace element.

Luke Taylor said:

Implemented as a namespace element (). This will allow for future expansion and addition of extra features. At the moment it reports matching of requests to filter chains in a human-readable fashion, and also the creation of new sessions (with the stacktrace so that the point in the code where the session was created can be determined).

Luke Taylor said:

Complete for now. More features will be added in future.

@spring-issuemaster spring-issuemaster added this to the 3.1.0.M1 milestone Feb 5, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment