Skip to main content

Enabling Spring Security

1> Add few more jars in your WEB-INF/lib folder.
The current view of jars is shown in the figure below.
Figure 1 - Adding the Jars
2> Add a new member named - spring-security.xml in the WEB-INF/config folder. The contents of this file is shown in Listing 1 below:

Listing 1 - spring-security.xml
This is the bare minimum configuration you need to do to get Spring Security started. This is a great relief for those of you who had worked with earlier versions of Spring Security or its ancestor Acegi Security. You had to explicitly configure the entire filter chain. That was tedious and very cumbersome leading to lot of errors and time and effort going down the drain. Thanks Ben and team for this good change. I will explain the different elements in this configuration in future posts as the intention of this post is to quickly get started with Spring Security as promised earlier.

Step 3 - wire everything now in the web.xml. The modified web.xml looks like the one shown below.
There are a few things to note here.
  • We have setup DelegatingFilterProxy which will look for a bean springSecurityFilterChain in the spring root web application context.
  • The springSecurityFilterChain bean is setup automatically by the tag.
  • The DispatcherServlet only has a specific web application context and hence you need to load the root web application context using the ContextLoaderListener. For now this listener only loads the security related beans in the root web application context.
  • The ContextLoaderListener must be configured after the log4j listener if the later is used.
  • If you do not use the ContextLoaderListener you will encounter the following exception
java.lang.IllegalStateException: No WebApplicationContext found: no ContextLoaderListener registered?

Now that we are all set its time for testing. So launch your favorite browser (mine is Mozilla Firefox) and type the following:
http://localhost:8080/SkyPhotoWeb/index.html

** By the way I am deploying on Tomcat 6 running on JRE 6.

You will be redirected to a login page shown in figure below.



This is a Spring security framework generated login page. Although the desired result is not what we intended (we donot want that the index page is accessed securily rather by all users and guests) but it is clear that Spring Security is up and running, integrated into our Spring MVC application. I will try to correct this in my future post.Also I will show how you how you can add a custom your application specific login page.

Now let us supply the user id and password (jimi/jimispassword) and see what happens. You will be redirected to the index.html page. So it also suggests that Spring Security remembers what you tried prior to signing in.

Thats all for today hopefully. If I find time between watching Indial Premier League and World Field Hockey Finals I will try to clarify a few concepts later in the day.
Labels:

Comments

Post a Comment

Popular posts from this blog

CKEDITOR 3.x - Simplest Ajax Submit Plugin

  I have assumed that you have downloaded and got started with CKEDITOR. Step 1 – The html file is shown below: <html> <head> <title>Writer</title> <meta content="text/html; charset=utf-8" http-equiv="content-type" /> <script type="text/javascript" src="ckeditor/ckeditor.js"></script> <script type="text/javascript" src="js/jquery-1.4.2.min.js"></script> <style> .cke_contents { height: 400px !important; } </style> </head> <body> <form action="sample_posteddata.php" method="post"> <textarea id="editor" > </textarea> <script type="text/javascript"> //<![CDATA[ CKEDITOR.replace( 'editor', { fullPage : true, uiColor : '#9AB8F3', toolbar : 'MyToolbar' }); //]]> </script> </form> </body> </html> Note that the jquery js
3 comments
Read more

Part 3 - Integrating Tiles, Thymeleaf and Spring MVC 3

In this post I will demonstrate how to integrate Apache Tiles with Thymeleaf. This is very simple. The first step is to include the tiles and thymeleaf-tiles extension dependencies. I will include them in the pom.xml. Note we wil lbe using Tiles 2.2.2 Listing 1 - parent/pom.xml --- thymeleaf-tiles and tiles dependencies <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --> <!-- Tiles --> <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --> <dependency> <groupId>org.apache.tiles</groupId> <artifactId>tiles-core</artifactId> <version>${tiles.version}</version> <scope>compile</scope> </dependency> <dependency> <groupId>org.apache.tiles</groupId> <artifactId>tiles-template</artifactId> <version>${tiles.version}</version> <scope>compile</s
5 comments
Read more

Getting started with Prime faces 2

Prime faces is an amazing JSF framework from Cagatay Civici ( http://cagataycivici.wordpress.com/ ). Its wonderful because it is easy to use, minimal dependencies, has probably the widest set of controls among all JSF frameworks, easy to integrate with Spring (including Spring Security) , Java EE EJBs, and last but not the least mobile UI support. So I decided to give Prime faces a try, before selecting it to use in my projects. Step 1 – Create Maven 2 project As a first step to integrating Prime faces, create a Maven 2 project in Eclipse. You will need to select ‘maven-archetype-webapp’. Step 2 – Add repositories and dependencies in pom.xml I will be using Prime faces 2 with JSF 2 on Tomcat 6. Since the dependencies for Prime Faces and JSF 2 (JSF 2.0.3 is required) are available on different repositories, I will add them to my pom file first. The listing below shows my pom.xml <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/X
2 comments
Read more