In my case answer is following
@Component
public class LocalAuthFilter implements Filter {
@Autowired
private UserDetailsService mng;
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain filterChain) throws IOException, ServletException {
if (("127.0.0.1".equals(req.getRemoteAddr())) &&
("anonymousUser".equals(SecurityContextHolder.getContext().getAuthentication().getPrincipal()))) {
UserDetails userDetails = mng.loadUserByUsername("user"); //my test user
Authentication auth = new UsernamePasswordAuthenticationToken(
userDetails.getUsername(),
userDetails.getPassword(),
userDetails.getAuthorities());
SecurityContextHolder.getContext().setAuthentication(auth);
}
filterChain.doFilter(req, resp);
}
@Override
public void destroy() {
}
}