hi all i am using spring security 3.0.2 and i have one custom filter and its order is last and i want to add another filter after that filter, is the following config right ?
<custom-filter position="LAST" ref="filter1"/>
<custom-filter after="LAST" ref="filter2"/>
After looking in my own code I noticed that I didn't use the 'ref' attribute, but instead I place this tag inside my bean definition as follow:
<bean id="ntlmFilter" class="org.springframework.security.ntlm.samples.failover.NtlmProcessingFilter">
<sec:custom-filter position="NTLM_FILTER" />
<property name="authenticationManager" ref="authenticationManager" />
<property name="retryOnAuthFailure" value="false" />
<property name="securityConfiguration" ref="securityConfiguration" />
</bean>
Even if it's for spring-security 2, the behavior is the same in version 3.
You can find all possible position in the org.springframework.security.config.http.SecurityFilters enumeration:
You can use some postition already defined in this enumeration to define in which order your custom filters must be set.
For exemple:
Don't know where your are placing your tags ? but I like to have them directly inside the filter bean... easier to maintain :-)
Hope that's help !
PS: Since position are based on integer you can perhaps put number instead of enumeration value (be warn to us correct position number, look at the logic inside the SecurityFilters enumeration), not sure if accepted ...