Hi,

I'm currently migrating an application to Spring Boot 3.x. This application declare a rest controller and a websocket endpoint authenticated via basic auth. But the basic auth does not work anymore on the websocket endpoint.

Sample application:
https://github.com/rcosne/ws-test

RestController: http://localhost:8080/test
Websocket endpoint: ws://localhost:8080/wstest

It seems that the whole security filter chain is skipped in this case. I've tried to declare a customer filter via @Component, and via a JettyServerCustomizer, in both case, the filter is applied in the rest controller, but not in the websocket endpoint.

I've also tested with Tomcat, then the basic auth works with the websocket.

Best Regards,
Rémy