'Spring security custom filter called twice for REST Controller

I implemented a custom Spring Security Filter to have a custom Authentication system. This works fine.

To configure my filter I used this config:

@Override
protected void configure(HttpSecurity http) throws Exception {


    http.antMatcher("/api/**")
            .csrf()
            .disable()
            .headers()
            .frameOptions()
            .disable()
            .and()
            .sessionManagement()
            .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
            .and()
            .authorizeRequests()
            .antMatchers("/api/**")
            .authenticated().and().addFilterBefore(new MyTokenAuthFilter(), AbstractPreAuthenticatedProcessingFilter.class);

If I try to put a breakpoint into this filter I see that the method doFilterInternal will be called twice for each REST request. Strange.. Any suggestion?

javaspringspring-securityspring-filterpythonpathpython-sphinx


Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source

Related Questions