The flow of request throgh the various Spring Security filters is depited in the Figure 15-5 below.

Figure 15-5. Flow of request through Spring Security filters

It is very important to note that the filters in the Spring Security should be configured according to a set order as specified by the framework. However, if you would like to customer any of the filters or introduce a custom filter, Spring Security does allow this by ding appropriate configuration in the configuration file. If you are using any filter based frameworks like SiteMesh for decorating pages or Apache Wicket for handling requests, you need to make sure that Spring Security related filter comes first in the execution. Figure 15-6 below shows the Spring Security filters arranged in order of execution.

Figure 15-6. Spring Security Filter Chain order

In Figure 15-6 above the third filter in the Spring Security execution namely “SecurityContextPersistenceFilter” is very important and works as shown in Figure 15-7 below.

Figure 15-7. Working of Third Filter in Spring Security Filter Chain

Page Visitors: 10629

The following two tabs change content below.

• Bio
• Latest Posts

Tomcy John

Blogger & Author at javacodebook

He is an Enterprise Java Specialist holding a degree in Engineering (B-Tech) with over 10 years of experience in several industries. He's currently working as Principal Architect at Emirates Group IT since 2005. Prior to this he has worked with Oracle Corporation and Ernst & Young. His main specialization is on various web technologies and acts as chief mentor and Architect to facilitate incorporating Spring as Corporate Standard in the organization.

Latest posts by Tomcy John (see all)

• A Guide to Continuous Improvement for Architects - February 2, 2023
• Cloud-first Architecture Strategy - January 26, 2023
• Architecture Strategy and how to create One - January 24, 2023