Hi! I am enabling a simple HTTP Basic Authentication with Spring
security in my project. My environment is an Glassfish Server (bundled with Netbeans), and almost everything works perfect: I have set up it to just ask for authentication with the POST method, with hardcoded users with "user-service", and it works with user names with no special characters. The problem comes when I set up an user with "@" or "." Here is the spring-security related part of my servlet.xml:
<security:http>
<security:intercept-url method="POST" pattern="/**" access="ROLE_USER" />
<security:http-basic/>
</security:http>
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider user-service-ref="uservice"/>
</security:authentication-manager>
<security:user-service id="uservice">
<security:user name="
[email protected]" password="pswd1" authorities="ROLE_USER" />
<security:user name="
[email protected]" password="pswd2" authorities="ROLE_USER" />
<security:user name="pepe" password="pepito" authorities="ROLE_USER" />
</security:user-service>
I have looked also for what did the browser send to the listening port, and it sends right the par "username:password" in base 64, so i think the problem is in my server(Glassfish v3).
Does anyone have any idea?
Thanks in advance!
Raspayu