Pro Spring 3 > CHAPTER 17: Web Applications with Spring > Securing a Web Application with Spring Security

Table of Contents

Download Safari Books Online apps: Apple iOS | Android

Entire Site

Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

Search

Table of Contents

About the Technical Reviewer

CHAPTER 1: Introducing Spring

CHAPTER 2: Getting Started

CHAPTER 3: The Sample Application

CHAPTER 4: Introducing IoC and DI in Spring

CHAPTER 5: Spring Configuration in Detail

CHAPTER 6: Introducing Spring AOP

CHAPTER 7: More Spring AOP and Annotations

CHAPTER 8: Spring JDBC Support

CHAPTER 9: Using Hibernate in Spring

CHAPTER 10: Data Access in Spring with JPA2

CHAPTER 11: Using MyBatis in Spring

CHAPTER 12: Designing and Implementing Spring-Based Applications

CHAPTER 13: Transaction Management

CHAPTER 14: Validation with Type Conversion and Formatting

CHAPTER 15: Task Scheduling in Spring

CHAPTER 16: Using Spring Remoting

CHAPTER 17: Web Applications with Spring

Create Project in STS for Samples

Implement the Service Layer for Samples

Introducing MVC and Spring MVC

Create the First View in Spring MVC

Spring MVC Project Structure Overview

i18n (Internationalization)

Theming and Templating

Implement the Views for Contact Information

Using jQuery and jQuery UI

File Upload Handling

Securing a Web Application with Spring Security

Support for Servlet 3 Code-Based Configuration

Spring MVC in the Sample Application

Summary

CHAPTER 18: Spring Web Flow and JSF

CHAPTER 19: Spring Testing

CHAPTER 20: Spring Projects: Batch, Integration, and Roo

CHAPTER 21: Sample Application in Detail

CHAPTER 22: Scripting Support in Spring

CHAPTER 23: Spring Application Monitoring

APPENDIX A: SpringSource Tool Suite

Index

Securing a Web Application with Spring Security

Suppose now we want to secure our contact application. Only those users who logged into the application with a valid user ID can add a new contact or update existing contacts. Other users, known as anonymous users, can only view contact information.

Spring Security is the best choice for securing Spring-based applications. Although mostly used in the presentation layer, Spring Security can help secure all layers within the application, including the service layer. In the following sections, we will demonstrate how to use Spring Security to secure the contact application.

Table 17-8 lists the dependencies required for Spring Security.

images

Configuring Spring Security

To configure Spring Security, first we need to configure a filter in the web deployment descriptor (web.xml). Listing 17-57 shows the code snippet you need to add to the web.xml file.

You are currently reading a PREVIEW of this book.

Get instant access to over
$1 million worth of books and videos.

Start a Free Trial

Download Safari Books Online apps: Apple iOS | Android

This Book

Search

Contents

CHAPTER 17: Web Applications with Spring > Securing a Web Application with Spri...

Securing a Web Application with Spring Security

Configuring Spring Security