So I have some Spring Boot Security code, and for some reason although my STATELESS angular app sends a single GET request. The Spring Security seems to get two requests and start processing them in the same milliseconds on two threads (then I end up getting a unique user constraint as it tries to add same user twice to the DB).
Is there something wrong with my spring security configuration where double-requests are happening? Spring Security should basically check ALL requests coming from stateless app for the X-AUTH-TOKEN.
http
.authenticationProvider(authenticationProvider)
.addFilterBefore(new HeaderAuthenticationFilter(), BasicAuthenticationFilter.class)
//.addFilterBefore(new CorsFilter(request -> corsConfiguration), HeaderAuthenticationFilter.class)
.authorizeRequests()
.antMatchers("/").permitAll()
.anyRequest()
.authenticated()
.and()
.csrf().disable()
.exceptionHandling().accessDeniedPage("/error");
Basically HeaderAuthenticationProvider and HeaderAuthenticationFilter are used for checking X-AUTH-TOKEN.
2017-05-17 19:46:41.868 INFO 5 --- [nio-8443-exec-8] o.a.c.util.SessionIdGeneratorBase : Creation of SecureRandom instance for session ID generation using [SHA1PRNG] took [13,338] milliseconds.
2017-05-17 19:46:41.868 INFO 5 --- [nio-8443-exec-1] o.a.c.util.SessionIdGeneratorBase : Creation of SecureRandom instance for session ID generation using [SHA1PRNG] took [8,315] milliseconds.
2017-05-17 19:46:41.872 INFO 5 --- [nio-8443-exec-8] m.d.f.a.HeaderAuthenticationProvider : Authenticate:: Authorization Token: bf6bbb6f5a850fb7b152b5e143534e5bd13a96abd3250d2
2017-05-17 19:46:41.872 INFO 5 --- [nio-8443-exec-1] m.d.f.a.HeaderAuthenticationProvider : Authenticate:: Authorization Token: bf6bbb6f5a850fb7b152b5e143534e5bd13a96abd3250d2
