[CONF] Apache Wicket > Spring Security and Wicket-auth-roles

[confluence]

Spring Security and Wicket-auth-roles Page comment added by Ruben Wagner To provide the security context in the wicket web application (using spring-security-3.0.X) you can not omit the "springSecurityFilterChain" in the web.xml. If you omit it, the "SecurityContextPersistenceFilter" will not be passed and you will not have the security context provided in a multithreaded environment - like tomcat. See Spring Docshttp://static.springsource.org/spring-security/site/docs/3.0.x/reference/security-filter-chain.html You don't need to specify a bean if you use "springSecurityFilterChain" as filter name - Because then the default filter-chain will be used. See Spring Docshttp://static.springsource.org/spring-security/site/docs/3.0.x/reference/ns-config.html (2.2.1) ... <filter> <filter-name>springSecurityFilterChain</filter-name> <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> </filter> <filter-mapping> <filter-name>springSecurityFilterChain</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> ... Hope this helps someone. Change Notification Preferences View Online | Reply To This