Home » Tag Archives: Spring Security (page 2)

Tag Archives: Spring Security

Spring Security – Behind the scenes

Spring-Security-logo

Security tasks such as authentication of user and authorization of a user to view application resources are usually handled by the application server. These tasks can be delegated to Spring security flow relieving application server from handling these tasks. Spring security basically handles these tasks by implementing standard javax.servlet.Filter. For initializing Spring security into your application, you need to declare ...

Read More »

Getting Started with method security in Grails using Spring Security

grails-logo

This blog post will be about implementing method level security with security expressions in Grails using the Spring Security plugins. I assume you have some basic understanding of the Grails Spring Security Core plugin. Roles aren’t enough. When using the Spring Security Core plugin you typically start to configure which roles are required for accessing certain URLs. This configuration can ...

Read More »

Grails: Calling bean methods in Spring Security expressions

grails-logo

Some days ago while working on a Grails application I was in a situation where a wanted to call a bean method from a Spring security SPEL expression. I was using the @PreAuthorize annotation from the Spring Security ACL plugin and wanted to do something like this:               @PreAuthorize("myService.canAccessUserProfile(#profileId)") public Profile getUserProfile(long profileId) {   ... } @PreAuthorize takes ...

Read More »

su and sudo in Spring Security applications

spring-interview-questions-answers

Long time ago I worked on a project that had a quite powerful feature. There were two roles: user and supervisor. Supervisor could change any document in the system in any way while users were much more limited to workflow constraints. When a normal user had some issue with the document currently being edited and stored in HTTP session, supervisor ...

Read More »

Spring Security Login

spring-security-logo

1. Introduction This article is going to focus on Login with Spring Security. We’re going to built on top of the simple previous Spring MVC example, as that’s a necessary part of setting up the web application along with the login mechanism. 2. The Maven Dependencies To add Maven dependencies to the project, please see the Spring Security with Maven ...

Read More »

Spring Security with Maven

apache-maven-logo

1. Overview This article will explain how to setup Spring Security with Maven and will go over specific use-cases of using Spring Security dependencies. The latest Spring Security releases can be found on Maven Central. This is a followup to the previous Spring with Maven article, so for non-security Spring dependencies, that’s the place to start.       2. ...

Read More »

Add RememberMe Authentication With Spring Security

spring-interview-questions-answers

I mentioned in my post Add Social Login to Jiwhiz Blog that the RememberMe function was not working with Spring Social Security. Well, it is because the application is not authenticating the user by username and password now, and is totally depending on social websites (like Google, Facebook and Twitter) to do the job. The default Spring Security configuration cannot ...

Read More »

A Grails plugin to bridge Spring Security and Shiro

grails-logo

I started using Spring Security in 2007 when I was tasked with adding security to a Spring/Hibernate application at the company I was working for. There were a few options to choose from, none of them particularly friendly to work with, and we chose Acegi Security because it was the most popular option for Spring applications. My experience was like ...

Read More »

Authentication against a RESTful Service with Spring Security

Spring-Security-logo

1. Overview This article is focused on how to authenticate against a secure REST API that provides security services – mainly, a RESTful User Account and Authentication Service. 2. The Goal First, let’s go over the actors – the typical Spring Security enabled application needs to authenticate against something – that something can be a database, LDAP or it can ...

Read More »

Ten Things You Can Do With Spring Security

spring-security-logo

One You can specify the authorisation provider of your choice in your Spring XML config file. You do this by configuring an authentication-manager as defined in Spring’s http://www.springframework.org/schema/security/spring-security-3.1.xsd schema. The simplified authentication-manager element definition looks something like this:           <xs:element name='authentication-manager'> <xs:complexType> <xs:choice minOccurs='0' maxOccurs='unbounded'> <xs:element name='authentication-provider'> <xs:complexType> <xs:choice minOccurs='0' maxOccurs='unbounded'> <xs:element ref='security:any-user-service'/> <xs:element name='password-encoder'>...</xs:element> </xs:choice> <xs:attributeGroup ref='security:ap.attlist'/> ...

Read More »
Want to take your Java Skills to the next level?
Grab our programming books for FREE!
  • Save time by leveraging our field-tested solutions to common problems.
  • The books cover a wide range of topics, from JPA and JUnit, to JMeter and Android.
  • Each book comes as a standalone guide (with source code provided), so that you use it as reference.
Last Step ...

Where should we send the free eBooks?

Good Work!
To download the books, please verify your email address by following the instructions found on the email we just sent you.