SlideShare une entreprise Scribd logo

Spring security 3

Télécharger en tant que PPTX, PDF
IT Weekend
IT Weekend

by Maksym Titov

Technologie
1  sur  16
Spring security 3 Maksym Titov 27.4.2011
Why Spring Security? Popularity, Features
Three easy steps
Filter chain
User experience
Password change management  InMemoryDaoImpl  Configuration  Page  Controller
Securing Credential Storage Database
Advanced configuration of JdbcDaoImpl User Legacy groups schema
Secure passwords Encoding, salt
‘Remember me’ Safe, but be careful
SSL Transport layer security
Business layer security public interface IUserService { @PreAuthorize("hasRole('ROLE_USER')") public void changePassword(String username, String password); } @PreAuthorize JSR-250 compliant rules @Secured Aspect Oriented Programming Conditional rendering
Internal customization SECURITY FILTER AUTHENTICATION PROVIDER
Session management and concurrency Session fixation Concurrent session control
Exception handling <http auto-config="true" ...> <access-denied-handler error-page = "/accessDenied.do"/> </http> AuthenticationException AccessDeniedException
External security systems Active directory OpenId LDAP

Recommandé

Secure Middleware with JBoss AS 5
Secure Middleware with JBoss AS 5Secure Middleware with JBoss AS 5
Secure Middleware with JBoss AS 5Anil Saldanha
 
Physical Access Control and Identity Management
Physical Access Control and Identity ManagementPhysical Access Control and Identity Management
Physical Access Control and Identity ManagementMayank Jain
 
Pattern For Ws Security
Pattern For Ws SecurityPattern For Ws Security
Pattern For Ws SecurityGianfranco Conti
 
Distributed cache service
Distributed cache serviceDistributed cache service
Distributed cache serviceprajeeshprathap
 
Chapter (2) 2
Chapter (2) 2Chapter (2) 2
Chapter (2) 2YA11
 
Jsug 20160422 slides
Jsug 20160422 slidesJsug 20160422 slides
Jsug 20160422 slidesYuichi Hasegawa
 
Spring Security
Spring SecuritySpring Security
Spring SecurityBoy Tech
 
Spring Day 2016 - Web API アクセス制御の最適解
Spring Day 2016 - Web API アクセス制御の最適解Spring Day 2016 - Web API アクセス制御の最適解
Spring Day 2016 - Web API アクセス制御の最適解都元ダイスケ Miyamoto
 

Recommandé

Secure Middleware with JBoss AS 5
Secure Middleware with JBoss AS 5Secure Middleware with JBoss AS 5
Secure Middleware with JBoss AS 5Anil Saldanha
 
Physical Access Control and Identity Management
Physical Access Control and Identity ManagementPhysical Access Control and Identity Management
Physical Access Control and Identity ManagementMayank Jain
 
Pattern For Ws Security
Pattern For Ws SecurityPattern For Ws Security
Pattern For Ws SecurityGianfranco Conti
 
Distributed cache service
Distributed cache serviceDistributed cache service
Distributed cache serviceprajeeshprathap
 
Chapter (2) 2
Chapter (2) 2Chapter (2) 2
Chapter (2) 2YA11
 
Jsug 20160422 slides
Jsug 20160422 slidesJsug 20160422 slides
Jsug 20160422 slidesYuichi Hasegawa
 
Spring Security
Spring SecuritySpring Security
Spring SecurityBoy Tech
 
Spring Day 2016 - Web API アクセス制御の最適解
Spring Day 2016 - Web API アクセス制御の最適解Spring Day 2016 - Web API アクセス制御の最適解
Spring Day 2016 - Web API アクセス制御の最適解都元ダイスケ Miyamoto
 
ASP.NET Web Security
ASP.NET Web SecurityASP.NET Web Security
ASP.NET Web SecuritySharePointRadi
 
Spring Security.ppt
Spring Security.pptSpring Security.ppt
Spring Security.pptPatiento Del Mar
 
SqlSa94
SqlSa94SqlSa94
SqlSa94Gabriel Villa
 
Security As A Service
Security As A ServiceSecurity As A Service
Security As A Serviceguest536dd0e
 
Java secure development part 3
Java secure development part 3Java secure development part 3
Java secure development part 3Rafel Ivgi
 
Securing you SQL Server - Denver, RMTT
Securing you SQL Server - Denver, RMTTSecuring you SQL Server - Denver, RMTT
Securing you SQL Server - Denver, RMTTGabriel Villa
 
QualysGuard InfoDay 2012 - Secure Digital Vault for Qualys
QualysGuard InfoDay 2012 - Secure Digital Vault for QualysQualysGuard InfoDay 2012 - Secure Digital Vault for Qualys
QualysGuard InfoDay 2012 - Secure Digital Vault for QualysRisk Analysis Consultants, s.r.o.
 
Java EE Web Security By Example: Frank Kim
Java EE Web Security By Example: Frank KimJava EE Web Security By Example: Frank Kim
Java EE Web Security By Example: Frank Kimjaxconf
 
Ved du, hvor dine data er - og hvem, der har adgang til dem? Ron Ben Natan, I...
Ved du, hvor dine data er - og hvem, der har adgang til dem? Ron Ben Natan, I...Ved du, hvor dine data er - og hvem, der har adgang til dem? Ron Ben Natan, I...
Ved du, hvor dine data er - og hvem, der har adgang til dem? Ron Ben Natan, I...IBM Danmark
 
Java Web Programming [9/9] : Web Application Security
Java Web Programming [9/9] : Web Application SecurityJava Web Programming [9/9] : Web Application Security
Java Web Programming [9/9] : Web Application SecurityIMC Institute
 
Spring Framework - Spring Security
Spring Framework - Spring SecuritySpring Framework - Spring Security
Spring Framework - Spring SecurityDzmitry Naskou
 
Positive Technologies - S4 - Scada under x-rays
Positive Technologies - S4 - Scada under x-raysPositive Technologies - S4 - Scada under x-rays
Positive Technologies - S4 - Scada under x-raysqqlan
 
Fortress SQL Server
Fortress SQL ServerFortress SQL Server
Fortress SQL Serverwebhostingguy
 
Database Systems Security
Database Systems SecurityDatabase Systems Security
Database Systems Securityamiable_indian
 
The hidden gems of Spring Security
The hidden gems of Spring SecurityThe hidden gems of Spring Security
The hidden gems of Spring SecurityMassimiliano Dessì
 
Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...
Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...
Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...Amazon Web Services
 
Utilize the Full Power of GlassFish Server and Java EE Security
Utilize the Full Power of GlassFish Server and Java EE SecurityUtilize the Full Power of GlassFish Server and Java EE Security
Utilize the Full Power of GlassFish Server and Java EE SecurityMasoud Kalali
 
Spring Security 3
Spring Security 3Spring Security 3
Spring Security 3Jason Ferguson
 
Low Hanging Fruit, Making Your Basic MongoDB Installation More Secure
Low Hanging Fruit, Making Your Basic MongoDB Installation More SecureLow Hanging Fruit, Making Your Basic MongoDB Installation More Secure
Low Hanging Fruit, Making Your Basic MongoDB Installation More SecureMongoDB
 
Tips to Remediate your Vulnerability Management Program
Tips to Remediate your Vulnerability Management ProgramTips to Remediate your Vulnerability Management Program
Tips to Remediate your Vulnerability Management ProgramBeyondTrust
 
Quality attributes testing. From Architecture to test acceptance
Quality attributes testing. From Architecture to test acceptanceQuality attributes testing. From Architecture to test acceptance
Quality attributes testing. From Architecture to test acceptanceIT Weekend
 
Mobile development for JavaScript developer
Mobile development for JavaScript developerMobile development for JavaScript developer
Mobile development for JavaScript developerIT Weekend
 

Contenu connexe

Similaire à Spring security 3

Security As A Service
Security As A ServiceSecurity As A Service
Security As A Serviceguest536dd0e
 
Java secure development part 3
Java secure development part 3Java secure development part 3
Java secure development part 3Rafel Ivgi
 
Securing you SQL Server - Denver, RMTT
Securing you SQL Server - Denver, RMTTSecuring you SQL Server - Denver, RMTT
Securing you SQL Server - Denver, RMTTGabriel Villa
 
Java EE Web Security By Example: Frank Kim
Java EE Web Security By Example: Frank KimJava EE Web Security By Example: Frank Kim
Java EE Web Security By Example: Frank Kimjaxconf
 
Ved du, hvor dine data er - og hvem, der har adgang til dem? Ron Ben Natan, I...
Ved du, hvor dine data er - og hvem, der har adgang til dem? Ron Ben Natan, I...Ved du, hvor dine data er - og hvem, der har adgang til dem? Ron Ben Natan, I...
Ved du, hvor dine data er - og hvem, der har adgang til dem? Ron Ben Natan, I...IBM Danmark
 
Java Web Programming [9/9] : Web Application Security
Java Web Programming [9/9] : Web Application SecurityJava Web Programming [9/9] : Web Application Security
Java Web Programming [9/9] : Web Application SecurityIMC Institute
 
Spring Framework - Spring Security
Spring Framework - Spring SecuritySpring Framework - Spring Security
Spring Framework - Spring SecurityDzmitry Naskou
 
Positive Technologies - S4 - Scada under x-rays
Positive Technologies - S4 - Scada under x-raysPositive Technologies - S4 - Scada under x-rays
Positive Technologies - S4 - Scada under x-raysqqlan
 
Database Systems Security
Database Systems SecurityDatabase Systems Security
Database Systems Securityamiable_indian
 
The hidden gems of Spring Security
The hidden gems of Spring SecurityThe hidden gems of Spring Security
The hidden gems of Spring SecurityMassimiliano Dessì
 
Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...
Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...
Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...Amazon Web Services
 
Utilize the Full Power of GlassFish Server and Java EE Security
Utilize the Full Power of GlassFish Server and Java EE SecurityUtilize the Full Power of GlassFish Server and Java EE Security
Utilize the Full Power of GlassFish Server and Java EE SecurityMasoud Kalali
 
Low Hanging Fruit, Making Your Basic MongoDB Installation More Secure
Low Hanging Fruit, Making Your Basic MongoDB Installation More SecureLow Hanging Fruit, Making Your Basic MongoDB Installation More Secure
Low Hanging Fruit, Making Your Basic MongoDB Installation More SecureMongoDB
 
Tips to Remediate your Vulnerability Management Program
Tips to Remediate your Vulnerability Management ProgramTips to Remediate your Vulnerability Management Program
Tips to Remediate your Vulnerability Management ProgramBeyondTrust
 

Similaire à Spring security 3 (20)

ASP.NET Web Security
ASP.NET Web SecurityASP.NET Web Security
ASP.NET Web Security
 
Spring Security.ppt
Spring Security.pptSpring Security.ppt
Spring Security.ppt
 
SqlSa94
SqlSa94SqlSa94
SqlSa94
 
Security As A Service
Security As A ServiceSecurity As A Service
Security As A Service
 
Java secure development part 3
Java secure development part 3Java secure development part 3
Java secure development part 3
 
Securing you SQL Server - Denver, RMTT
Securing you SQL Server - Denver, RMTTSecuring you SQL Server - Denver, RMTT
Securing you SQL Server - Denver, RMTT
 
QualysGuard InfoDay 2012 - Secure Digital Vault for Qualys
QualysGuard InfoDay 2012 - Secure Digital Vault for QualysQualysGuard InfoDay 2012 - Secure Digital Vault for Qualys
QualysGuard InfoDay 2012 - Secure Digital Vault for Qualys
 
Java EE Web Security By Example: Frank Kim
Java EE Web Security By Example: Frank KimJava EE Web Security By Example: Frank Kim
Java EE Web Security By Example: Frank Kim
 
Ved du, hvor dine data er - og hvem, der har adgang til dem? Ron Ben Natan, I...
Ved du, hvor dine data er - og hvem, der har adgang til dem? Ron Ben Natan, I...Ved du, hvor dine data er - og hvem, der har adgang til dem? Ron Ben Natan, I...
Ved du, hvor dine data er - og hvem, der har adgang til dem? Ron Ben Natan, I...
 
Java Web Programming [9/9] : Web Application Security
Java Web Programming [9/9] : Web Application SecurityJava Web Programming [9/9] : Web Application Security
Java Web Programming [9/9] : Web Application Security
 
Spring Framework - Spring Security
Spring Framework - Spring SecuritySpring Framework - Spring Security
Spring Framework - Spring Security
 
Positive Technologies - S4 - Scada under x-rays
Positive Technologies - S4 - Scada under x-raysPositive Technologies - S4 - Scada under x-rays
Positive Technologies - S4 - Scada under x-rays
 
Fortress SQL Server
Fortress SQL ServerFortress SQL Server
Fortress SQL Server
 
Database Systems Security
Database Systems SecurityDatabase Systems Security
Database Systems Security
 
The hidden gems of Spring Security
The hidden gems of Spring SecurityThe hidden gems of Spring Security
The hidden gems of Spring Security
 
Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...
Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...
Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...
 
Utilize the Full Power of GlassFish Server and Java EE Security
Utilize the Full Power of GlassFish Server and Java EE SecurityUtilize the Full Power of GlassFish Server and Java EE Security
Utilize the Full Power of GlassFish Server and Java EE Security
 
Spring Security 3
Spring Security 3Spring Security 3
Spring Security 3
 
Low Hanging Fruit, Making Your Basic MongoDB Installation More Secure
Low Hanging Fruit, Making Your Basic MongoDB Installation More SecureLow Hanging Fruit, Making Your Basic MongoDB Installation More Secure
Low Hanging Fruit, Making Your Basic MongoDB Installation More Secure
 
Tips to Remediate your Vulnerability Management Program
Tips to Remediate your Vulnerability Management ProgramTips to Remediate your Vulnerability Management Program
Tips to Remediate your Vulnerability Management Program
 

Plus de IT Weekend

Quality attributes testing. From Architecture to test acceptance
Quality attributes testing. From Architecture to test acceptanceQuality attributes testing. From Architecture to test acceptance
Quality attributes testing. From Architecture to test acceptanceIT Weekend
 
Mobile development for JavaScript developer
Mobile development for JavaScript developerMobile development for JavaScript developer
Mobile development for JavaScript developerIT Weekend
 
Building an Innovation & Strategy Process
Building an Innovation & Strategy ProcessBuilding an Innovation & Strategy Process
Building an Innovation & Strategy ProcessIT Weekend
 
IT Professionals – The Right Time/The Right Place
IT Professionals – The Right Time/The Right PlaceIT Professionals – The Right Time/The Right Place
IT Professionals – The Right Time/The Right PlaceIT Weekend
 
Building a Data Driven Organization
Building a Data Driven OrganizationBuilding a Data Driven Organization
Building a Data Driven OrganizationIT Weekend
 
7 Tools for the Product Owner
7 Tools for the Product Owner 7 Tools for the Product Owner
7 Tools for the Product Owner IT Weekend
 
Hacking your Doorbell
Hacking your DoorbellHacking your Doorbell
Hacking your DoorbellIT Weekend
 
An era of possibilities, a window in time
An era of possibilities, a window in timeAn era of possibilities, a window in time
An era of possibilities, a window in timeIT Weekend
 
Web services automation from sketch
Web services automation from sketchWeb services automation from sketch
Web services automation from sketchIT Weekend
 
REST that won't make you cry
REST that won't make you cryREST that won't make you cry
REST that won't make you cryIT Weekend
 
Как договариваться с начальником и заказчиком: выбираем нужный протокол общения
Как договариваться с начальником и заказчиком: выбираем нужный протокол общенияКак договариваться с начальником и заказчиком: выбираем нужный протокол общения
Как договариваться с начальником и заказчиком: выбираем нужный протокол общенияIT Weekend
 
Обзор программы SAP HANA Startup Focus
Обзор программы SAP HANA Startup FocusОбзор программы SAP HANA Startup Focus
Обзор программы SAP HANA Startup FocusIT Weekend
 
World of Agile: Kanban
World of Agile: KanbanWorld of Agile: Kanban
World of Agile: KanbanIT Weekend
 
Risk Management
Risk ManagementRisk Management
Risk ManagementIT Weekend
 
«Spring Integration as Integration Patterns Provider»
«Spring Integration as Integration Patterns Provider»«Spring Integration as Integration Patterns Provider»
«Spring Integration as Integration Patterns Provider»IT Weekend
 
Cutting edge of Machine Learning
Cutting edge of Machine LearningCutting edge of Machine Learning
Cutting edge of Machine LearningIT Weekend
 
Parallel Programming In Modern World .NET Technics
Parallel Programming In Modern World .NET TechnicsParallel Programming In Modern World .NET Technics
Parallel Programming In Modern World .NET TechnicsIT Weekend
 
Parallel programming in modern world .net technics shared
Parallel programming in modern world .net technics sharedParallel programming in modern world .net technics shared
Parallel programming in modern world .net technics sharedIT Weekend
 
Maximize Effectiveness of Human Capital
Maximize Effectiveness of Human CapitalMaximize Effectiveness of Human Capital
Maximize Effectiveness of Human CapitalIT Weekend
 

Plus de IT Weekend (20)

Quality attributes testing. From Architecture to test acceptance
Quality attributes testing. From Architecture to test acceptanceQuality attributes testing. From Architecture to test acceptance
Quality attributes testing. From Architecture to test acceptance
 
Mobile development for JavaScript developer
Mobile development for JavaScript developerMobile development for JavaScript developer
Mobile development for JavaScript developer
 
Building an Innovation & Strategy Process
Building an Innovation & Strategy ProcessBuilding an Innovation & Strategy Process
Building an Innovation & Strategy Process
 
IT Professionals – The Right Time/The Right Place
IT Professionals – The Right Time/The Right PlaceIT Professionals – The Right Time/The Right Place
IT Professionals – The Right Time/The Right Place
 
Building a Data Driven Organization
Building a Data Driven OrganizationBuilding a Data Driven Organization
Building a Data Driven Organization
 
7 Tools for the Product Owner
7 Tools for the Product Owner 7 Tools for the Product Owner
7 Tools for the Product Owner
 
Hacking your Doorbell
Hacking your DoorbellHacking your Doorbell
Hacking your Doorbell
 
An era of possibilities, a window in time
An era of possibilities, a window in timeAn era of possibilities, a window in time
An era of possibilities, a window in time
 
Web services automation from sketch
Web services automation from sketchWeb services automation from sketch
Web services automation from sketch
 
Why Ruby?
Why Ruby? Why Ruby?
Why Ruby?
 
REST that won't make you cry
REST that won't make you cryREST that won't make you cry
REST that won't make you cry
 
Как договариваться с начальником и заказчиком: выбираем нужный протокол общения
Как договариваться с начальником и заказчиком: выбираем нужный протокол общенияКак договариваться с начальником и заказчиком: выбираем нужный протокол общения
Как договариваться с начальником и заказчиком: выбираем нужный протокол общения
 
Обзор программы SAP HANA Startup Focus
Обзор программы SAP HANA Startup FocusОбзор программы SAP HANA Startup Focus
Обзор программы SAP HANA Startup Focus
 
World of Agile: Kanban
World of Agile: KanbanWorld of Agile: Kanban
World of Agile: Kanban
 
Risk Management
Risk ManagementRisk Management
Risk Management
 
«Spring Integration as Integration Patterns Provider»
«Spring Integration as Integration Patterns Provider»«Spring Integration as Integration Patterns Provider»
«Spring Integration as Integration Patterns Provider»
 
Cutting edge of Machine Learning
Cutting edge of Machine LearningCutting edge of Machine Learning
Cutting edge of Machine Learning
 
Parallel Programming In Modern World .NET Technics
Parallel Programming In Modern World .NET TechnicsParallel Programming In Modern World .NET Technics
Parallel Programming In Modern World .NET Technics
 
Parallel programming in modern world .net technics shared
Parallel programming in modern world .net technics sharedParallel programming in modern world .net technics shared
Parallel programming in modern world .net technics shared
 
Maximize Effectiveness of Human Capital
Maximize Effectiveness of Human CapitalMaximize Effectiveness of Human Capital
Maximize Effectiveness of Human Capital
 

Dernier

Oauth 2.0 Introduction and Flows with MuleSoft
Oauth 2.0 Introduction and Flows with MuleSoftOauth 2.0 Introduction and Flows with MuleSoft
Oauth 2.0 Introduction and Flows with MuleSoftshyamraj55
 
The Metaverse: Are We There Yet?
The Metaverse: Are We There Yet?The Metaverse: Are We There Yet?
The Metaverse: Are We There Yet?Mark Billinghurst
 
Free and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade
Free and Effective: Making Flows Publicly Accessible, Yumi IbrahimzadeFree and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade
Free and Effective: Making Flows Publicly Accessible, Yumi IbrahimzadeCzechDreamin
 
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...panagenda
 
How we scaled to 80K users by doing nothing!.pdf
How we scaled to 80K users by doing nothing!.pdfHow we scaled to 80K users by doing nothing!.pdf
How we scaled to 80K users by doing nothing!.pdfSrushith Repakula
 
Speed Wins: From Kafka to APIs in Minutes
Speed Wins: From Kafka to APIs in MinutesSpeed Wins: From Kafka to APIs in Minutes
Speed Wins: From Kafka to APIs in Minutesconfluent
 
WebAssembly is Key to Better LLM Performance
WebAssembly is Key to Better LLM PerformanceWebAssembly is Key to Better LLM Performance
WebAssembly is Key to Better LLM PerformanceSamy Fodil
 
AI presentation and introduction - Retrieval Augmented Generation RAG 101
AI presentation and introduction - Retrieval Augmented Generation RAG 101AI presentation and introduction - Retrieval Augmented Generation RAG 101
AI presentation and introduction - Retrieval Augmented Generation RAG 101vincent683379
 
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)Julian Hyde
 
IESVE for Early Stage Design and Planning
IESVE for Early Stage Design and PlanningIESVE for Early Stage Design and Planning
IESVE for Early Stage Design and PlanningIES VE
 
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...CzechDreamin
 
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdfHow Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdfFIDO Alliance
 
ECS 2024 Teams Premium - Pretty Secure
ECS 2024 Teams Premium - Pretty SecureECS 2024 Teams Premium - Pretty Secure
ECS 2024 Teams Premium - Pretty SecureFemke de Vroome
 
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...marcuskenyatta275
 
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...FIDO Alliance
 
Designing for Hardware Accessibility at Comcast
Designing for Hardware Accessibility at ComcastDesigning for Hardware Accessibility at Comcast
Designing for Hardware Accessibility at ComcastUXDXConf
 
A Business-Centric Approach to Design System Strategy
A Business-Centric Approach to Design System StrategyA Business-Centric Approach to Design System Strategy
A Business-Centric Approach to Design System StrategyUXDXConf
 
Extensible Python: Robustness through Addition - PyCon 2024
Extensible Python: Robustness through Addition - PyCon 2024Extensible Python: Robustness through Addition - PyCon 2024
Extensible Python: Robustness through Addition - PyCon 2024Patrick Viafore
 
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdfThe Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdfFIDO Alliance
 

Dernier (20)

Oauth 2.0 Introduction and Flows with MuleSoft
Oauth 2.0 Introduction and Flows with MuleSoftOauth 2.0 Introduction and Flows with MuleSoft
Oauth 2.0 Introduction and Flows with MuleSoft
 
The Metaverse: Are We There Yet?
The Metaverse: Are We There Yet?The Metaverse: Are We There Yet?
The Metaverse: Are We There Yet?
 
Free and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade
Free and Effective: Making Flows Publicly Accessible, Yumi IbrahimzadeFree and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade
Free and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade
 
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
 
How we scaled to 80K users by doing nothing!.pdf
How we scaled to 80K users by doing nothing!.pdfHow we scaled to 80K users by doing nothing!.pdf
How we scaled to 80K users by doing nothing!.pdf
 
Speed Wins: From Kafka to APIs in Minutes
Speed Wins: From Kafka to APIs in MinutesSpeed Wins: From Kafka to APIs in Minutes
Speed Wins: From Kafka to APIs in Minutes
 
WebAssembly is Key to Better LLM Performance
WebAssembly is Key to Better LLM PerformanceWebAssembly is Key to Better LLM Performance
WebAssembly is Key to Better LLM Performance
 
AI presentation and introduction - Retrieval Augmented Generation RAG 101
AI presentation and introduction - Retrieval Augmented Generation RAG 101AI presentation and introduction - Retrieval Augmented Generation RAG 101
AI presentation and introduction - Retrieval Augmented Generation RAG 101
 
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)
 
IESVE for Early Stage Design and Planning
IESVE for Early Stage Design and PlanningIESVE for Early Stage Design and Planning
IESVE for Early Stage Design and Planning
 
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
 
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdfHow Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf
 
ECS 2024 Teams Premium - Pretty Secure
ECS 2024 Teams Premium - Pretty SecureECS 2024 Teams Premium - Pretty Secure
ECS 2024 Teams Premium - Pretty Secure
 
Overview of Hyperledger Foundation
Overview of Hyperledger FoundationOverview of Hyperledger Foundation
Overview of Hyperledger Foundation
 
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
 
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
 
Designing for Hardware Accessibility at Comcast
Designing for Hardware Accessibility at ComcastDesigning for Hardware Accessibility at Comcast
Designing for Hardware Accessibility at Comcast
 
A Business-Centric Approach to Design System Strategy
A Business-Centric Approach to Design System StrategyA Business-Centric Approach to Design System Strategy
A Business-Centric Approach to Design System Strategy
 
Extensible Python: Robustness through Addition - PyCon 2024
Extensible Python: Robustness through Addition - PyCon 2024Extensible Python: Robustness through Addition - PyCon 2024
Extensible Python: Robustness through Addition - PyCon 2024
 
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdfThe Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
 

Spring security 3

Notes de l'éditeur

  1. -it packages up everything you need to implement a top-to-bottom application security-integration with many common enterprise authentication systems
  2. Implementing a Spring Security XMLconfiguration file&lt;?xml version=&quot;1.0&quot; encoding=&quot;UTF-8&quot;?&gt;&lt;beans:beansxmlns=&quot;http://www.springframework.org/schema/security&quot;xmlns:xsi=&quot;http://www.w3.org/2001/XMLSchema-instance&quot;xmlns:beans=&quot;http://www.springframework.org/schema/beans&quot;xsi:schemaLocation=&quot;http://www.springframework.org/schema/beanshttp://www.springframework.org/schema/beans/spring-beans.xsdhttp://www.springframework.org/schema/securityhttp://www.springframework.org/schema/security/spring-security-3.0.xsd&quot;&gt; &lt;http auto-config=&quot;true&quot;&gt; &lt;intercept-url pattern=&quot;/*&quot; access=&quot;ROLE_USER&quot;/&gt; &lt;/http&gt; &lt;authentication-manager alias=&quot;authenticationManager&quot;&gt; &lt;authentication-provider&gt; &lt;user-service&gt; &lt;user authorities=&quot;ROLE_USER&quot; name=&quot;guest&quot; password=&quot;guest&quot;/&gt; &lt;/user-service&gt; &lt;/authentication-provider&gt; &lt;/authentication-manager&gt;&lt;/beans:beans&gt;Adding the Spring DelegatingFilterProxyto your web.xml file&lt;filter&gt; &lt;filter-name&gt;springSecurityFilterChain&lt;/filter-name&gt; &lt;filterclass&gt;org.springframework.web.filter.DelegatingFilterProxy &lt;/filter-class&gt;&lt;/filter&gt;&lt;filter-mapping&gt;&lt;filter-name&gt;springSecurityFilterChain&lt;/filter-name&gt;&lt;url-pattern&gt;/*&lt;/url-pattern&gt;&lt;/filter-mapping&gt;Adding the Spring Security XML configurationfile reference to web.xml&lt;servlet&gt; &lt;servlet-name&gt;dogstore&lt;/servlet-name&gt; &lt;servletclass&gt;org.springframework.web.servlet.DispatcherServlet &lt;/servlet-class&gt; &lt;load-on-startup&gt;1&lt;/load-on-startup&gt;&lt;/servlet&gt;
  3. Login page customization – login controllerlogin JSP&lt;http auto-config=&quot;true&quot; use-expressions=&quot;true&quot;&gt;&lt;intercept-url pattern=&quot;/*&quot; access=&quot;hasRole(&apos;ROLE_USER&apos;)&quot;/&gt;&lt;form-login login-page=&quot;/login.do&quot; /&gt;&lt;/http&gt;