Search...
FAQs Subscribe
Pie
FAQs
Recent topics Flagged topics Hot topics Best topics
Search...
Search within Spring Search Coderanch
Advance search Google search
Register / Login
This week's book giveaway is in the Programmer Certification forum.
We're giving away four copies of OCP Oracle Certified Professional Java SE 21 Developer (Exam 1Z0-830) Java SE 17 Developer (Exam 1Z0-829) Programmer’s Guide and have Khalid Mughal and Vasily Strelnikov on-line!
See this thread for details.
Win a copy of OCP Oracle Certified Professional Java SE 21 Developer (Exam 1Z0-830) Java SE 17 Developer (Exam 1Z0-829) Programmer’s Guide this week in the Programmer Certification forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
advertise on coderanch book review grid meaningless drivel thread boost building better world book
this forum made possible by our volunteer staff, including ...
Marshals:
  • Tim Cooke
  • Campbell Ritchie
  • paul wheaton
  • Ron McLeod
  • Devaka Cooray
Sheriffs:
  • Jeanne Boyarsky
  • Liutauras Vilda
  • Paul Clapham
Saloon Keepers:
  • Tim Holloway
  • Carey Brown
  • Piet Souris
Bartenders:

Spring 3 and 2-way ssl

 
Brent W Farrell
Greenhorn
Posts: 18
posted 14 years ago
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
    Send
  • Quote
  • Report post to moderator
Hi Peter,
I am admittedly unfamiliar with Spring Security but I am interested in possibly using it in a project. I am working an application that is using 2-way ssl for user authentication. Would Spring Security be compatible with this and allow me to create role based security in my application.

Thanks.
 
Peter Mularien
Author
Posts: 84
posted 14 years ago
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
    Send
  • Quote
  • Report post to moderator
Hi Brent,

Sure, I assume by "2-way SSL", you mean the combination of standard server SSL and client certificate authentication. We definitely cover this in the book, in fact there is an entire chapter on configuring Spring Security 3 to use this method of authentication (also called X.509 authentication).

Role-based authorization can be configured independently of the authentication method you use, so you can definitely combine these two.

You may want to see my prior responses on both these subjects yesterday:
* Spring 3 and X.509 Authentication
* Extension to ACL in Spring Security
* Security RBAC

Hope this answers your question!

Best,
Peter

Author, Spring Security 3 (the Book), Packt Publishing, 2010
SCJP, OCP

 
Did you see how Paul cut 87% off of his electric heat bill with 82 watts of micro heaters?
reply
reply
    Bookmark Topic Watch Topic
  • New Topic
Boost this thread!
Similar Threads
More...