Acegi is the most used web project security tools in respect of Java web development. Acegi is a security framework for authentication, authorization and role based authorization of the users. Spring Security is an implementation of Acegi referral API. Spring Security Framework provides a lot of facilities to take care of the java web enterprise security management. Its really great security framework that work with Spring IoC or DI to inject the dependencies and securing the java web application.
Following are the some of the important facilities that Spring Security Framework provides to itís users:
- User authentication and authorization.
- Role based authorization control.
- Easy to configure with database based authentication and authorization.
- Encrypted password.
- Form authentication.
- File bases user authentication and authorization.
- and a lot more.
In this tutorial, we will go through some examples with Spring Security implementation to learn how to use Spring Security in security perspective.
Spring Security Fundamentals
In this tutorial session we will learn the fundamentals of Spring Security Acegi Framework.
- Configuring Spring Security in Spring Web MVC Application.
Illustrate with an example in which we will configure Spring Security in an Spring MVC web application.
- Using custom setting for Spring Security.
We will see can we custom setting for spring security for following uses:
- Our own Login page.
- Specify the page to which the Spring Security will forward the user after logout.
- Put logout options in secure pages.
- Put an extra option of remember me in login form.
- Making a page public.
Spring Security Using Database Tables
We will learn using practical examples to use database tables for user authentication and authorization.
- MySQL ddl tables definitions for Spring Security.
Create tables for Spring Security. Spring Security will use these tables for user authentication and and role based authorization.
- Using database tables for user authentication and authorization.
The example will implement database table based user authentication and authorization in Spring Security framework with MySQL Database.
- Using custom tables for authentication and authorization.
We will go through an example in which we will use our custom database table structure to authenticate the user. We will not use Spring Security Specific database tables
Spring Security for Spring MVC
Lets integrate Spring MVC with Spring Security and do a lot more with MVC.
- Spring Security JSP tags
Spring Security JSP taglibs will help us to customize our JSP pages on the basis of authenticated users role or permission. Following are the tutorial under this topic:
- Role based controller execution in Spring MVC.
Advance tutorials for Spring Security
Some extra topics on Spring Security that can be used real life web project for greater user satisfaction.
- Using Ajax for Spring Security Login with jquery.