• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
  • Campbell Ritchie
  • Liutauras Vilda
  • Bear Bibeault
  • Junilu Lacar
  • Martin Vashko
  • Jeanne Boyarsky
  • Tim Cooke
  • Knute Snortum
Saloon Keepers:
  • Ron McLeod
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Scott Selikoff
  • salvin francis
  • Piet Souris

Spring 3 Security Book Approach

Ranch Hand
Posts: 426
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Peter,

I just recently learned about spring framework and still trying to understand some nitty gritty details.
I am using it in my sample application right now.

Often, when I hear about web-app security, its the job of the architect to deal with it.

I basically perform some simple security aspects such as DB Validation/restrict access to certain urls.
Other than that, I must admit that my knowledge about security is a little shallow.

My question would be, can a beginner like me can catch up with the examples in the book?
I mainly use Tomcat as the Web Server, does this book has preference to others(Apache/Websphere/JBOSS)?

Posts: 84
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello Mark,

Definitely! Actually, for convenience and out of its familiarity to most developers, we use Tomcat for all the examples in this book. The application is a (purposely) very simple "e-commerce" site (see this thread for a more detailed explanation of the design choices), and we start with conceptual building blocks (what is authentication? what is authorization?) as well as technical building blocks (how does a servlet filter chain work?) as we progressively secure the example site.

I certainly intended for this book to be very accessible to beginners (although we assume you know something about Spring, we don't use any advanced features of it), and I haven't (yet) had any feedback from readers that it's not - in fact, quite the opposite, all the feedback I've personally received thus far has been very positive

Based on the needs you list for your application (URL restriction, database validation), it sounds like Spring Security would replace a lot of your code with (most likely) a much simpler out of the box solution - if you're using Spring already, you should definitely check it out

I hope that answers your question!

What's gotten into you? Could it be this tiny ad?
Java file APIs (DOC, XLS, PDF, and many more)
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!