Scribd
Upload
5 views2 pages

Spring Security

The document outlines the configuration of Spring Security in a Java application using Maven's pom.xml and web.xml files. It includes dependencies for core authentication, web security, and configuration parsing, as well as details on authentication and authorization processes. Additionally, it provides examples of in-memory authentication setup in both Java and XML formats.

Uploaded by

Mca Mgl
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
5 views2 pages

Spring Security

The document outlines the configuration of Spring Security in a Java application using Maven's pom.xml and web.xml files. It includes dependencies for core authentication, web security, and configuration parsing, as well as details on authentication and authorization processes. Additionally, it provides examples of in-memory authentication setup in both Java and XML formats.

Uploaded by

Mca Mgl
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 2

pom.

xml
<!-- Spring Security -->
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>${security.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>${security.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>${security.version}</version>
</dependency>

- spring-security-core : It contains core authentication and access-control


classes and interfaces.
- spring-security-web : It contains filters and related web-security
infrastructure code. It also enable URL based security which we are going to
use in this demo.
- spring-security-config : It contains the security namespace parsing code.
You need it if you are using the Spring Security XML file for configuration.
web.xml

<!-- Loads Spring Security configuration file -->


<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/SpringConfig-servlet.xml
</param-value>
</context-param>

<!-- Spring Security filter -->


<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-
class>org.springframework.web.filter.DelegatingFilterProxy
</filter-class>
</filter>

<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>

Authentication – It is nothing but validating whether the user is a valid user or


not.
Authorization – Deciding whether the particular user is allowed to perform a
certain activity in the application or not.

public void configureGlobal(AuthenticationManagerBuilder auth) throws


Exception {
authentication.inMemoryAuthentication().withUser("test").password("tes
t").roles("ADMIN");
}

It is equivalent of

<authentication-manager>
<authentication-provider>
<user-service>
<user name="test" password="test" authorities="ROLE_ADMIN" />
</user-service>
</authentication-provider>
</authentication-manager>

You might also like