SEC-53: Avoid reauthentication in Basic and Digest authentication processing filters #301

spring-issuemaster opened this Issue Aug 24, 2005 · 1 comment

1 participant


Fernando Mato Mira (Migrated from SEC-53) said:

Check the SecurityContextHolder for an authenticated Authentication and reuse it in that case, do not call the authentication manager again.


Ben Alex said:

BasicProcessingFilter modified to support requested behaviour.

Due to complexities of how nonces work within DigestProcessingFilter, this behaviour cannot be implemented within the existing Digest implementation approach.

@spring-issuemaster spring-issuemaster added this to the 0.9.0 milestone Feb 5, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment