Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Already on GitHub? Sign in to your account

SEC-53: Avoid reauthentication in Basic and Digest authentication processing filters #301

Closed
spring-issuemaster opened this Issue Aug 24, 2005 · 1 comment

Comments

Projects
None yet
1 participant

Fernando Mato Mira(Migrated from SEC-53) said:

Check the SecurityContextHolder for an authenticated Authentication and reuse it in that case, do not call the authentication manager again.

Ben Alex said:

BasicProcessingFilter modified to support requested behaviour.

Due to complexities of how nonces work within DigestProcessingFilter, this behaviour cannot be implemented within the existing Digest implementation approach.

@spring-issuemaster spring-issuemaster added this to the 0.9.0 milestone Feb 5, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment