Announcement Announcement Module
No announcement yet.
new in spring mvc security Page Title Module
Move Remove Collapse
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • new in spring mvc security

    i'm new in spring mvc ,i want to know more about spring security that we we can setup in a mvc application,
    the steps we had done is
    in web.xml file
    <filter-class>org.springframework.web.filter.DelegatingFil terProxy</filter-class>

    <listener-class>org.springframework.web.context.ContextLoade rListener</listener-class>
    <servlet-class>org.springframework.web.servlet.DispatcherSe rvlet</servlet-class>
    <listener-class> onEventPublisher
    in jsp page
    redirect.jsp we will call a login.htm
    this will dispaly login.jsp
    in the login.jsp
    <form action="<c:url value='j_spring_security_check'/>" onsubmit="return validateForm();" method="post">
    <input type="text" id="j_username" name="j_username" maxlength="50" tabindex="1" />
    <input type="password" id="j_password" name="j_password" maxlength="30" tabindex="2" />
    <input type="submit" urtitle="Submit" class="submit" value="<spring:message code="img.login"/>" id="button" name="submit" tabindex="3"/>
    and call a class
    public class AuthenticationProcessingFilter extends UsernamePasswordAuthenticationFilter
    and if the values are correct then username and password is set to session
    return super.attemptAuthentication(request, response);
    and we had done a customauthentication handler,
    <beans:bean class="org.mycompany.filter.AuthenticationProcessi ngFilter" id="authenticationFilter">
    <beansroperty name="sessionAuthenticationStrategy" ref="sas"/>
    <beansroperty name="authenticationManager" ref="authenticationManager"/>
    <beansroperty name="authenticationSuccessHandler" ref="customAuthenticationSuccessHandler"/>
    <beansroperty name="authenticationFailureHandler" ref="customAuthenticationFailureHandler"/>

    and all the roles we are externally mapped at this xml file,by that the role and user are selecting from

    and its working but i has lot doubts is this is the correct way to do spring security and what about spring authorisation and authentication,
    what about SSO intergration
    how can i do it with spring
    do any one has any good sample or good tutorial to begin spring security ,please help asap

  • #2
    1), use [code] tag, so that your code looks readable.
    2)You can access roles from any source(XML/DB/Properties/Static). Its depends on your requirements.
    3) Spring Supports CAS, You can use it.
    4)Samples you can get it from here, follow it.