SCJA 1.0, SCJP 1.4, SCWCD 1.4, SCBCD 1.3, SCJP 5.0, SCEA 5, SCBCD 5; OCUP - Fundamental, Intermediate and Advanced; IBM Certified Solution Designer - OOAD, vUML 2; SpringSource Certified Spring Professional
Sagar Kale wrote:I guess security will be taken care by Spring Security(Acegi).
SCJA 1.0, SCJP 1.4, SCWCD 1.4, SCBCD 1.3, SCJP 5.0, SCEA 5, SCBCD 5; OCUP - Fundamental, Intermediate and Advanced; IBM Certified Solution Designer - OOAD, vUML 2; SpringSource Certified Spring Professional
Kengkaj Sathianpantarit wrote:
Hmm, what security? There are many topics in security, but I'm talking about Role-based authorization in Spring Web Flow 2.
Spring Web Flow 2 should have some kind of interfaces/generic implementations and able to plug external security framework like Spring Security.
Saying just Spring Security takes care security concern is not clear to me.
Sagar Kale wrote:
Well I don't know Spring Web Flow but I guess Acegi security which is known as Spring Security now, gets integrated with Spring MVC. It should not have problem getting integrated to Spring Web Flow.
SCJA 1.0, SCJP 1.4, SCWCD 1.4, SCBCD 1.3, SCJP 5.0, SCEA 5, SCBCD 5; OCUP - Fundamental, Intermediate and Advanced; IBM Certified Solution Designer - OOAD, vUML 2; SpringSource Certified Spring Professional
Kengkaj Sathianpantarit wrote:
My question is not how to use Spring Security in Spring Web Flow, but if Spring Web Flow has role-based authorization feature.
How Spring Security integrate with Spring Web MVC? I'm not aware of that. Or do you mean integrate with Spring?
Author of the book Spring Web Flow 2 Web Development. Available at http://www.packtpub.com/develop-powerful-web-applications-with-spring-web-flow-2/book
Sagar Kale wrote:
Kengkaj Sathianpantarit wrote:
My question is not how to use Spring Security in Spring Web Flow, but if Spring Web Flow has role-based authorization feature.
How Spring Security integrate with Spring Web MVC? I'm not aware of that. Or do you mean integrate with Spring?
Please find tutorial here. Spring Security tutorial. If you google, you will get more tutorials.
You have to configure it in web.xml like following
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>
org.springframework.web.filter.DelegatingFilterProxy
</filter-class>
</filter>
security.xml
<security:http auto-config="true">
<security:form-login login-page="/login.jsp"
default-target-url="/home.htm"
authentication-failure-url="/login.jsp?error=true" />
<security:logout logout-success-url="/login.jsp" />
<security:intercept-url pattern="/home.htm*" access="ROLE_USER" />
<security:intercept-url pattern="/empList.htm*"
access="ROLE_USER" />
<security:intercept-url pattern="/addEmp.htm*"
access="ROLE_ADMIN" />
</security:http>
SCJA 1.0, SCJP 1.4, SCWCD 1.4, SCBCD 1.3, SCJP 5.0, SCEA 5, SCBCD 5; OCUP - Fundamental, Intermediate and Advanced; IBM Certified Solution Designer - OOAD, vUML 2; SpringSource Certified Spring Professional
-Nate
Write once, run anywhere, because there's nowhere to hide! - /. A.C.
Padmapriya
Padmapriya Ranganathan wrote:No generalized framework can provide complete feature for this.
SCJA 1.0, SCJP 1.4, SCWCD 1.4, SCBCD 1.3, SCJP 5.0, SCEA 5, SCBCD 5; OCUP - Fundamental, Intermediate and Advanced; IBM Certified Solution Designer - OOAD, vUML 2; SpringSource Certified Spring Professional
Kengkaj Sathianpantarit wrote:
Padmapriya Ranganathan wrote:No generalized framework can provide complete feature for this.
No, it can. Why not?
Mourougan
Open Source leads to Open Mind
Kengkaj Sathianpantarit wrote:
Padmapriya Ranganathan wrote:No generalized framework can provide complete feature for this.
No, it can. Why not?
Padmapriya
Padmapriya Ranganathan wrote:
Kengkaj Sathianpantarit wrote:
Padmapriya Ranganathan wrote:No generalized framework can provide complete feature for this.
No, it can. Why not?
Really !!? Can you please provide an example for this? (after all learning is part of our life !) I think none of the framework provides full featured role based security without using other plugins like JAAS.
SCJA 1.0, SCJP 1.4, SCWCD 1.4, SCBCD 1.3, SCJP 5.0, SCEA 5, SCBCD 5; OCUP - Fundamental, Intermediate and Advanced; IBM Certified Solution Designer - OOAD, vUML 2; SpringSource Certified Spring Professional
I do some of my very best work in water. Like this tiny ad:
We need your help - Coderanch server fundraiser
https://coderanch.com/wiki/782867/Coderanch-server-fundraiser
|