View RSS Feed

Recent Blogs Posts

  1. Using SpEL for Spring Security

    by , 11-27-2011 at 11:58 PM
    Sometimes you might need to have a more sophisticated method of defining security constraints. Fortunately as of version 3.0, Spring Security also supports SpEL as a means for declaring access requirements. I will give you show you how to use it in this tip.

    First thing you will need to do is to enable it. To do this, you must set the use-expressions attribute of <http> to true:

    Java Code:
    <http auto-config="true" use-expressions="true">

    Updated 11-30-2011 at 02:34 PM by Spring Framework

    Security , Spring EL
  2. Request Interception with Spring Security

    by , 11-27-2011 at 11:54 PM
    This is the last of a series of tips on Spring Security. From my previous tips, you should be able to configure Spring Security as well as setup login and logout. In the last tip, I will show you how to intercept requests. The <intercept-url> element is the key in the request-level security. Its pattern attribute is provide with a URL pattern that will be matched against incoming requests. If any requests match the pattern, then the <intercept-url>ís security rules will be applied. So ...
  3. Logging Out with Spring Security

    by , 11-27-2011 at 11:52 PM
    In my previous tips, I showed you how to configure and setup Spring Security as well as the login form autogenerated when auto-config is set to true. In this tip, I will show you how to setup the logout for your application. Basically the <logout> element will setup a Spring Security filter that will invalidate a user session. If it is used as is, the filter set up by <logout> is mapped to /j_spring_security_ logout. In order to ensure that there is no collision with the DispatcherServlet, ...
    Security , Web , Spring 3
  4. Configuring Web Security in Spring

    by , 11-27-2011 at 11:49 PM
    In a previous tip, I showed how to add in the necessary servlet filters in your Spring application file. We added both the Delegating FilterProxy along with the another filter, FilterChainProxy. In general, Spring security will automatically create these beans for you when you configure the <http> element.

    Java Code:
        <form-login />
        <http-basic />
        <logout /> 
        <intercept-url pattern="/**" access="ROLE_USER"
  5. Setting up Secure Web Requests in Spring

    by , 11-27-2011 at 11:48 PM
    Continuing our investigation of Spring Security, in this tip I will look at making secure web requests. All activities that starts in a java web application is initiated via an HttpServletRequests. As such, this is where the security of your application will start. This security takes the form of request-level security. This involves declaring one or more URL patterns as requiring some level of granted authority and restricting access to those without authority from accessing the content of those ...
  6. Configuring Spring Security

    by , 11-27-2011 at 11:45 PM
    In the last tip, I introduced Spring Security and outlined the modules that are available. In this tip, we will look at configuring namespaces. Using Spring, the nice thing about Spring Security is that all the security elements are configured as beans in the application context. It is not uncommon to have a Acegi configuration containing dozens of bean declarations that span multiple pages.

    Another nice feature is that Spring Security has its own security-specific namespace to simplify ...
  7. Intro to Spring Security

    by , 11-27-2011 at 11:44 PM
    Spring Security is a security framework that started out as Acegi Security and then became an official part of Spring in version 2.0. It provides declarative security for all Spring-based applications. Spring Security handles all aspects of security from authentication to authorization at both the web request level and at the method invocation level. Like many Spring Framework modules, it takes full advantage of dependency injection (DI) and aspect-oriented techniques.

    Irrespective ...
    Security , Spring 3