The idea is:
- Client fires a http request using Spring's RestTemplate
- The request is intercepted on the client side by Spring's ClientHttpRequestInterceptor
- The interceptor adds authentication headers to the http request before passing it on to the server
- The server side has a javax.servlet.Filter which looks at the request headers
- If the filter finds the headers injected by the client's interceptor and the header's values are correct (username/password correct) - the filter passes the request onto the server side logic for regular processing (chain.doFilter)
- If the Filter does not find the http headers or they have incorrect values, the filter writes "Unauthorized" to the http response.