Home » Tag Archives: Spring Security (page 3)

Tag Archives: Spring Security

Add RememberMe Authentication With Spring Security

spring-interview-questions-answers

I mentioned in my post Add Social Login to Jiwhiz Blog that the RememberMe function was not working with Spring Social Security. Well, it is because the application is not authenticating the user by username and password now, and is totally depending on social websites (like Google, Facebook and Twitter) to do the job. The default Spring Security configuration cannot ...

Read More »

A Grails plugin to bridge Spring Security and Shiro

grails-logo

I started using Spring Security in 2007 when I was tasked with adding security to a Spring/Hibernate application at the company I was working for. There were a few options to choose from, none of them particularly friendly to work with, and we chose Acegi Security because it was the most popular option for Spring applications. My experience was like ...

Read More »

Authentication against a RESTful Service with Spring Security

Spring-Security-logo

1. Overview This article is focused on how to authenticate against a secure REST API that provides security services – mainly, a RESTful User Account and Authentication Service. 2. The Goal First, let’s go over the actors – the typical Spring Security enabled application needs to authenticate against something – that something can be a database, LDAP or it can ...

Read More »

Ten Things You Can Do With Spring Security

spring-security-logo

One You can specify the authorisation provider of your choice in your Spring XML config file. You do this by configuring an authentication-manager as defined in Spring’s http://www.springframework.org/schema/security/spring-security-3.1.xsd schema. The simplified authentication-manager element definition looks something like this:           <xs:element name='authentication-manager'> <xs:complexType> <xs:choice minOccurs='0' maxOccurs='unbounded'> <xs:element name='authentication-provider'> <xs:complexType> <xs:choice minOccurs='0' maxOccurs='unbounded'> <xs:element ref='security:any-user-service'/> <xs:element name='password-encoder'>...</xs:element> </xs:choice> <xs:attributeGroup ref='security:ap.attlist'/> ...

Read More »

Use reCaptcha in a Spring MVC web application

spring-security-logo

A CAPTCHA is a program that can generate and grade tests that humans can pass but computer programs ‘cannot‘. One of strategies followed are showing an image to user with distorted text, and user should write text in input area. If showed text is the same as input by user, then we can ‘assure‘ that a human is on computer. A captcha ...

Read More »

Spring MVC Customized User Login Logout Implementation Example

spring-security-logo

This post describes how to implement a customized user access to an Spring MVC web application (login logout). As a prerequisite, readers are advised to read this post which introduces several Spring Security concepts. The code example is available from Github in the Spring-MVC-Login-Logout directory. It is derived from the Spring MVC with annotations example. Customized Authentication Provider In order ...

Read More »

Spring Security: Prevent brute force attack

spring-security-logo

Spring Security can do lot of stuff for you. Account blocking, password salt. But what about brute force blocker. That what you have to do by yourself. Fortunately Spring is quite flexible framework so it is not a big deal to configure it. Let me show you little guide how to do this for Grails application. First of all you ...

Read More »

Spring Security using API Authentication

spring-security-logo

Background While there are many blog posts that detail how to use Spring Security, I often still find it challenging to configure when a problem domain lies outside of the standard LDAP or database authentication. In this post, I’ll describe some simple customizations to Spring Security that enable it to be used with a REST-based API call. Specifically, the use ...

Read More »

Spring Security Implementing Custom UserDetails with Hibernate

spring-security-logo

Most of the time, we will want to configure our own security access roles in web applications. This is easily achieved in Spring Security. In this article we will see the most simple way to do this. First of all we will need the following tables in the database: CREATE TABLE IF NOT EXISTS `mydb`.`security_role` ( `id` INT(11) NOT NULL ...

Read More »

Spring Security – Two Security Realms in one Application

spring-security-logo

This blog post is mainly about Spring Security configuration. More specifically it is intending to show how to configure two different security realms in one web application. First security realm is intended for the browser clients. It enables us to log in with in the login page and access protected resources. Second security realm is intended for the REST web ...

Read More »

Want to take your Java skills to the next level?

Grab our programming books for FREE!

Here are some of the eBooks you will get:

  • Spring Interview QnA
  • Multithreading & Concurrency QnA
  • JPA Minibook
  • JVM Troubleshooting Guide
  • Advanced Java
  • Java Interview QnA
  • Java Design Patterns