Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SEC-1758: Can't disable filters on /** intercept-url pattern #1993

spring-issuemaster opened this issue Jun 3, 2011 · 1 comment


Copy link

@spring-issuemaster spring-issuemaster commented Jun 3, 2011

Simeon Iliev (Migrated from SEC-1758) said:

Steps to reproduce:

1. Create a simple namespace configuration containing only one intercept-url definition:
    <http auto-config="false" use-expressions="true" entry-point-ref="entryPoint">
        <intercept-url pattern="/**" filters="none" />

        <custom-filter position="FORM_LOGIN_FILTER" ref="myFilter" /> <!-- this might not be needed -->

2. Enable debug log
3. Access any application url

    You should be redirected to the entryPoint URL. You should also be able to see the filter chain being executed in the debug log.

Desired behaviour:

The filter chain should not be executed on any application URL.

This comment has been minimized.

Copy link

@spring-issuemaster spring-issuemaster commented Jun 6, 2011

Luke Taylor said:

As I said in the forum, you can't do this because the namespace only creates one filter chain, which applies to all requests. So adding filters="none" would be the equivalent of omitting the configurations altogether. The syntax isn't supported in 3.1 where you are free to define multiple filter chains.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
None yet
1 participant
You can’t perform that action at this time.