Posts Tagged ‘Spring Security’

Exploring Spring Secuirty Series: part 13 to part 16

December 29, 2008

In spring security series parts 13 to 16, we revert back a bit to take a closer look at how spring security filters work. We clean up our configuration to allow us to have uri level security and method level security in place by part 16.

In subsequent parts of the series, we will continue on to look at the ACL feature of spring security.

part 13
part 14
part 15
part 16


Exploring Spring Secuirty Series: part 11 & 12

December 22, 2008

In part 11 , we start looking at spring security’s ACL features. We create the schema and populate the database with test data as well as the ACL tables.

In part 12 , we add code that enables us to see the data entered into our Projects (domain) table and also the corresponding entries in our ACL tables.



Exploring Spring Secuirty Series: part 10

November 26, 2008

In part 10, we change from using the configuration to declare users to create a database backend using (hsqldb) and we add the users and authorities to the schema to allow basic authentication.

We add an initializing bean that is responsible for creating the and populating the schema of the in-memory database on startup.


Exploring Spring Security Series: part 9

November 23, 2008

In part 9, we use exceptions mappings to control what is displayed when certain exceptions occur within the application.


Exploring Spring Security Series: part 8

November 22, 2008

In this part we use spring security’s taglibs. We are going to use them to customize the content being displayed based on the user role of the authenticated user.

See part 8 of the series:

Exploring Spring Security Series: part 7

November 21, 2008

In this part, we create our own TargetUrlResolver so we can direct authenticated users to specific pages based on their role. We create a class called RoleBasedTargetUrlResolver that implements TargetUrlResolver and delegates to spring securitys TargetUrlResolverImpl if it does find a user with an admin role.

See part 7 of series:

Exploring Spring Security Series: part 6

November 20, 2008

In this part, we are required to add behaviour to our application that requires us to use a custom authtication process filter rather than the out of the box one created when you use http auto-config=true.


Exploring Spring Security Series: part 4 & 5

November 19, 2008

Part 4 and 5 of the series continues with adding behavior specified in here

see Part 4
see Part 5

Over the next few parts (6 – 10) of the series we will implement functionality that doesn’t come out-of-the-box with spring security and will require customizing spring security elements.

If there is anything in particular anyone would like to see examined please leave a comment.

Exploring Spring Security Series: part 3 available

November 18, 2008

Part 3 of a series exploring spring security through the development of a simple web application is available.


This part continues to show how we can add security related behavior to our web application using spring security.