Hi,
We're using Spring Security and
org.springframework.web.filter.DelegatingFilterProxy to handle
authentication. When testing with JerseyTest and GrizzlyTestContainer or
InMemoryTestContainer, the authentication doesn't work - whatever we do,
we only get 403 Forbidden.
The authentication is based on setting the Authorization header, so
we're using PreAuthenticatedAuthenticationProvider in spring-security-web.
Spring Security is enabled by enabling the DelegatingFilterProxy servlet
filter in web.xml, and I assume it isn't picked up by JerseyTest.
Is this correct, and is there any way to fix this?
Perhaps it would be possible to create a ClientRequestFilter that
handles the authentication for Spring Security, but I'm hoping there's
an easier fix. Any suggestions?
Regards,
Vetle