HTTP-method dependant Security Filter

67 views
Skip to first unread message

Corsin Capol

unread,
Dec 2, 2022, 3:39:39 PM12/2/22
to Pac4j users mailing list
Hi, 

I use pac4j with the playframework. Is there a way to configure the security filter to use different authorizers depending on the HTTP method on the same URL?

{"/api/hello" = {
authorizers = "user,"
matchers = "get"
 clients = "HeaderClient"
}}
{"/api/hello" = {
authorizers = "superuser"
matchers = "put"
 clients = "HeaderClient"
}}

Unfortunately, the configuration above does not work.

Best regards,
Corsin

Jérôme LELEU

unread,
Dec 5, 2022, 2:22:22 AM12/5/22
to Corsin Capol, Pac4j users mailing list
Hi,

I think it should work. What versions do you use?
Can you turn on DEBUG logs on org.pac4j?
Thanks.
Best regards,
Jérôme



--
You received this message because you are subscribed to the Google Groups "Pac4j users mailing list" group.
To unsubscribe from this group and stop receiving emails from it, send an email to pac4j-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/pac4j-users/c73174f8-f010-47d4-a42d-8558c7c905c3n%40googlegroups.com.

Corsin Capol

unread,
Dec 9, 2022, 3:04:35 PM12/9/22
to Pac4j users mailing list
Hi Jérôme

I use the following version:

"org.pac4j" % "play-pac4j_2.12" % "10.0.2",
"org.pac4j" % "pac4j-http" % "4.5.7",
"org.pac4j" % "pac4j-jwt" % "4.5.7",

With a put request unfortunately only the first filter (get) will be executed and the request does not get to the second (put) security filter (as expected). This even though the matcher returns false (Request: PUT, Matcher: GET, Return: False (correct)). This ends up with «no matching for this request -> grant access». The correct route and controller method will be executed.

Any ideas?

Best regards,
Corsin

Jérôme LELEU

unread,
Dec 12, 2022, 1:53:22 AM12/12/22
to Corsin Capol, Pac4j users mailing list
Hi,

OK. I see. Indeed, in the SecurityFilter, only one route can be tried.
I'm not a Scala specialist, but I think it should not be too complicated to refactor it to try all the matching paths.
A pull request is welcome.
Thanks.
Best regards,
Jérôme


To view this discussion on the web visit https://groups.google.com/d/msgid/pac4j-users/d0301d85-d847-4552-a0d1-43321734a9f9n%40googlegroups.com.

Corsin

unread,
Dec 13, 2022, 4:57:19 AM12/13/22
to Pac4j users mailing list
Hi,

Thanks for the tip. I will check this.

Best regards,
Corsin

Reply all
Reply to author
Forward
0 new messages