Skip to content

BasicAuthenticationFilter could check the scheme more efficiently #6183

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
jzheaux opened this issue Nov 28, 2018 · 0 comments · Fixed by #6185
Closed

BasicAuthenticationFilter could check the scheme more efficiently #6183

jzheaux opened this issue Nov 28, 2018 · 0 comments · Fixed by #6185
Assignees
@rwinch
Labels
in: web An issue in web modules (web, webmvc) status: first-timers-only An issue that can only be worked on by brand new contributors type: enhancement A general enhancement
Milestone
5.2.0.M1

Comments

@jzheaux
Copy link
Contributor

jzheaux commented Nov 28, 2018

BasicAuthenticationFilter checks that the Authorization header starts with the "basic" scheme:

if (header == null || !header.toLowerCase().startsWith("basic ")) {

However, this is not as efficient as it could be, since it needs to lowercase the entire header just to compare the first few characters.

org.springframework.util.StringUtils#startsWithIgnoreCase is nice for situations like these:

if (!StringUtils.startsWithIgnoreCase("basic ")) {

It would be great to do the same for the WebFlux counterpart, ServerHttpBasicAuthenticationConverter.
@jzheaux jzheaux added in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement status: first-timers-only An issue that can only be worked on by brand new contributors labels Nov 28, 2018
@jzheaux jzheaux added this to the General Backlog milestone Nov 28, 2018
@bhavikkumar bhavikkumar mentioned this issue Nov 29, 2018
Merged
@rwinch rwinch modified the milestones: General Backlog, 5.2.0.M1 Nov 30, 2018
@rwinch rwinch self-assigned this Nov 30, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@rwinch rwinch

Labels
in: web An issue in web modules (web, webmvc) status: first-timers-only An issue that can only be worked on by brand new contributors type: enhancement A general enhancement
Projects
None yet
Milestone
5.2.0.M1
Development

Successfully merging a pull request may close this issue.

Use SpringUtils to check scheme bhavikkumar/spring-security
2 participants
@rwinch @jzheaux