Scribd
Upload
42 views10 pages

First Application: Bryan Hansen Twitter: bh5k

This document discusses setting up basic Spring Security authentication and authorization in a Spring MVC application. It outlines adding necessary Maven dependencies, configuring the web.xml to bootstrap Spring Security, defining a security-config.xml file, and implementing a minimal security configuration requiring the ROLE_USER authority for all URLs. It also mentions creating a user to test the authentication.

Uploaded by

Nguyễn Sắc
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
42 views10 pages

First Application: Bryan Hansen Twitter: bh5k

This document discusses setting up basic Spring Security authentication and authorization in a Spring MVC application. It outlines adding necessary Maven dependencies, configuring the web.xml to bootstrap Spring Security, defining a security-config.xml file, and implementing a minimal security configuration requiring the ROLE_USER authority for all URLs. It also mentions creating a user to test the authentication.

Uploaded by

Nguyễn Sắc
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 10

First Application

Bryan Hansen
twitter: bh5k
http://www.linkedin.com/in/hansenbryan
Architecture
Authentication VS Authorization
Authentication
Authorization
Maven

▪ Need to add three jars in addition to the Spring jars


□ spring-security-web
□ spring-security-config
□ commons-logging
web.xml
▪ Just like Spring MVC, we need to bootstrap Spring Security
□ Context Loader Listener
!
!
□ Config Location
!
!
!
□ Application Entry Point
security-config.xml

▪ Another XML file


□ src/main/resources
□ src/main/webapp/WEB-INF/config

▪ Spring Security XML namespace


Minimal Security Configuration

▪ The filter in the web.xml has to point to something in the Spring


configuration
▪ The simplest configuration can be obtained using the http tag:
!

▪ This specifies that every url must have be accessed by someone that has
the authority of ROLE_USER
▪ To setup a user we must define a
Summary

▪ Added maven dependencies


▪ Bootstrapped our security in the web.xml
▪ Created a configuration file
▪ Added the minimal configuration for security
▪ Created a user to test with

You might also like