2e48b5a81d26c7a4d62c21247d98ce2dd66d3cbe,extensions/spring/stormpath-spring-security-webmvc/src/main/java/com/stormpath/spring/config/StormpathWebSecurityConfigurer.java,StormpathWebSecurityConfigurer,init,#HttpSecurity#,267
Before Change
http.addFilterBefore(contentNegotiationSpringSecurityAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
//Fix for redirection loop when Cookie is present but WebApp is restarted and '/' is locked down to authenticated users (Bare Bones example)
http.addFilterBefore(stormpathSecurityContextPersistenceFilter, UsernamePasswordAuthenticationFilter.class);
}
if (corsEnabled) {
After Change
* if an error occurs
*/
@Override
public void init(HttpSecurity http) throws Exception {
// autowire this bean
ApplicationContext context = http.getSharedObject(ApplicationContext.class);
context.getAutowireCapableBeanFactory().autowireBean(this);
http.servletApi().rolePrefix(""); //Fix for https://github.com/stormpath/stormpath-sdk-java/issues/325
if (loginEnabled) {
http.addFilterBefore(stormpathWrapperFilter, SecurityContextPersistenceFilter.class);
// We need to add the springSecurityResolvedAccountFilter whenever we have our login enabled in order to
// fix https://github.com/stormpath/stormpath-sdk-java/issues/450
http.addFilterBefore(springSecurityResolvedAccountFilter, LogoutFilter.class);
//Fix for redirection loop when Cookie is present but WebApp is restarted and '/' is locked down to authenticated users (Bare Bones example)
http.addFilterBefore(stormpathSecurityContextPersistenceFilter, UsernamePasswordAuthenticationFilter.class);
http.addFilterBefore(socialCallbackSpringSecurityProcessingFilter, UsernamePasswordAuthenticationFilter.class);