File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
Win a copy of Clojure in Action this week in the Clojure forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Extension to ACL in Spring Security

 
sourabh girdhar
Ranch Hand
Posts: 71
Java Spring Ubuntu
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

First of all thanks for coming with a very nice book.

I have one question that just like in Spring security we have ACLs in our firm we have our own group management that is enterprise user control list. Our system exposes some API to applications useing it and also connects to LDAP for lot of info.

Is there any provision to extend the concept of ACL, so that if in future if we plan to implement spring security at enterprise level it could be easier for us.

As we discovered that spring security provides a lot of features around ACL and LDAP. We already use Spring in most of our applications so it could be a new milestone in our security system.

Thanks
Sourabh Girdhar
 
Peter Mularien
Author
Ranch Hand
Posts: 84
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Sourabh,

Thanks for the compliments!

The Spring Security ACL subsystem is certainly intended to be extended (in the truest OO sense) to develop whatever functionality your business unit might need. It comes out of the box with a very flexible system of inheritance and user/group/data relationship modeling that is likely to satify many common scenarios.

That said, it's very complex code which is written in a different style than most of the rest of Spring Security, and many new developers have a hard time getting their heads around it, so please do keep in mind the learning curve when rolling this out, especially to more junior developers.

The difficulty of understanding this part of the framework is one of the reasons I felt strongly about dedicating a whole chapter to ACLs in the book - this wasn't originally what I planned, but after reviewing the complexity of the code, I felt that I couldn't do justice to explaining it without having (checking my notes) about 35 pages of material on it

Hope that answers your question!

Best,
Peter
 
sourabh girdhar
Ranch Hand
Posts: 71
Java Spring Ubuntu
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks Peter !!
That answers my question in a perfect way and hopefully we shall be able to integrate Spring security after digging into more details through your book and Spring reference.

Thanks and Cheers

Sourabh
 
Ashish Anant Patil
Greenhorn
Posts: 7
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
can i have reference to that book..
 
I agree. Here's the link: http://aspose.com/file-tools
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic