root
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Allow authenticationIsRequired to be overridden 

Issue gh-10347
This commit is contained in:
shazin 2022-03-15 19:40:03 +05:30 committed by Steve Riesenberg
parent 4d62621094
commit 1e0e9a2c98
No known key found for this signature in database
GPG Key ID: 5F311AB48A55D521
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
web/src/main/java/org/springframework/security/web/authentication/www/BasicAuthenticationFilter.java
View File

@ -202,7 +202,7 @@ public class BasicAuthenticationFilter extends OncePerRequestFilter {
chain.doFilter(request, response);
}
private boolean authenticationIsRequired(String username) {
protected boolean authenticationIsRequired(String username) {
// Only reauthenticate if username doesn't match SecurityContextHolder and user
// isn't authenticated (see SEC-53)
Authentication existingAuth = this.securityContextHolderStrategy.getContext().getAuthentication();