Announcement Announcement Module
No announcement yet.
Any alternate approaches for Spring Security Page Title Module
Move Remove Collapse
This topic is closed
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • Any alternate approaches for Spring Security

    I have studied the Spring Security in hope to incorporate it into a new component built with Spring 2.5 or 3.0 in an existing Spring web application built with Spring 2.0. After spending a significant amount of time, I conclude that it is better off to forgo the Spring Security. This part of Spring is very weak in terms of documentation. It needs outsiders to write base tutorials. And the ACL, the most useful part of Spring Security, is too complicated to understand and implement.
    I have to use my old approach, subclassing the HandlerInterceptorAdapter class to handle the authorization. This approach, however, doesn't go well with the Spring 2.5 annotation. Any other approaches in the regards?

    Thanks for your inputs.

  • #2
    I still would suggest Spring Security if you have a problem with it register a JIRA issue instead of only complaining here.

    The basic setup and configuration is (imho) covered quite good in the current available reference documentation. The ACL part (if you want to secure objects) I agree it is under (or not) documented.

    If you really want to go with the HandlerInterceptor I would ask why wouldn't it work with annotations. They work perfectly with @Controllers....

    Maybe you should re-read the documentation?!