OAuth2AuthorizationEndpointFilter should be applied after AuthorizationFilter

`OAuth2AuthorizationEndpointFilter` should be applied after `AuthorizationFilter` in order for [Multi-Factor Authentication](https://docs.spring.io/spring-security/reference/servlet/authentication/mfa.html) to take effect (if configured).

Currently, MFA is not applied correctly for Authorization Server. Moving `OAuth2AuthorizationEndpointFilter` after `AuthorizationFilter` will resolve this issue.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

OAuth2AuthorizationEndpointFilter should be applied after AuthorizationFilter #18251

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

OAuth2AuthorizationEndpointFilter should be applied after AuthorizationFilter #18251

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions