0

I tried to search on the internet, but not found any clear. I am using spring-boot. I have the requirement for supporting either Basic Auth or Bearer (JWT Token). If the request coming with Basic Auth then, only Basic Auth configuration must execute and skip the JWT Token authentication. If Bearer authentication (JWT Token) request is coming, then only JWT Token authentication must execute and skip Basic authentication.

Any suggestions or input will helpful.

Thanks Manoj

JDGuide
  • 6,239
  • 12
  • 46
  • 64
  • Does this answer your question? [Spring Security with Spring Boot: Mix Basic Authentication with JWT token authentication](https://stackoverflow.com/questions/48221131/spring-security-with-spring-boot-mix-basic-authentication-with-jwt-token-authen) – Fullslack Jul 30 '20 at 07:26
  • No, it seems doing both mix of basic auth with jwt auth. I need only one at a time. – JDGuide Jul 30 '20 at 07:42
  • 1
    If you can tell from the Authroisation` header whether it contains `username:password` or whether it contains `jwt token`. You don't want to invoke any services here to do that. Can you do that? – Kavithakaran Kanapathippillai Jul 30 '20 at 19:59
  • But, if I found also which type of Authorization header is coming in request then how to invoke the service. Because the spring security will prevent before reaching the controller. – JDGuide Jul 31 '20 at 03:15
  • 1
    Implementing `AuthenticationProvider` to suit your case. – Holinc Jul 31 '20 at 04:33

0 Answers0