Results 1 to 2 of 2

Thread: Spring Security

  1. #1
    Nirmitha is offline Member
    Join Date
    Sep 2013
    Posts
    3
    Rep Power
    0

    Default Spring Security

    Hi ,

    I am new to spring security and in my project I found below scenario happening .

    We are using spring security to authenticate user . And for every request we are authenticating using Cookie .If cookie presents then process the request . And CSRF protection is also implemented .

    I feel only spring controller request should be authenticated , when i see my application . It is authenticating every css, js, jsp import . Is that approach correct.

    I know I briefly described the problem , Try to understand and reply

    Regards,
    Nirmitha

  2. #2
    gimbal2 is offline Just a guy
    Join Date
    Jun 2013
    Location
    Netherlands
    Posts
    3,900
    Rep Power
    5

    Default Re: Spring Security

    Not much to answer here, there is just a total lack of information.

    I feel only spring controller request should be authenticated
    Sure. Unless you want to block people from linking to your resources from an external site. Its not about what Spring security does, its about what you do and want to achieve. You are the captain on the ship, don't attack this from the perspective of the tooling doing things and stuff. If you don't understand what it does, research it.
    "Syntactic sugar causes cancer of the semicolon." -- Alan Perlis

Similar Threads

  1. Replies: 1
    Last Post: 12-27-2010, 05:21 PM
  2. GAE + Spring Security
    By kievari in forum Advanced Java
    Replies: 0
    Last Post: 12-12-2010, 09:19 PM
  3. Spring Security + Crowd
    By Cbani in forum Advanced Java
    Replies: 4
    Last Post: 09-14-2010, 02:01 PM
  4. spring security tutorial
    By devstarter in forum New To Java
    Replies: 1
    Last Post: 03-01-2010, 06:51 PM
  5. spring security and struts2
    By ngoc61 in forum Web Frameworks
    Replies: 0
    Last Post: 03-09-2009, 09:26 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •