Win a copy of Re-engineering Legacy Software this week in the Refactoring forum
or Docker in Action in the Cloud/Virtualization forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Spring 3 Security: example app

 
Gian Franco
blacksmith
Ranch Hand
Posts: 979
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Peter,

Did you manage to get all the features you wanted
to explain in the e-commerce website used as an
example in your book. Or was there something you
would have liked to include, but didn't for one or
the other reason?

Cheers,

Gian
 
Peter Mularien
Author
Ranch Hand
Posts: 84
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello Gian,

Great question. In fact, yes - if you look at the example application as a full e-commerce site (such as the excellent Java Pet Store application commonly used), you'll find it pretty pathetic. After a lot of debate (with myself), I ended up deciding that I'd make the application as simple as possible, so that I didn't confuse readers by adding functionality that was really feature-driven, and not directly tied to anything in Spring Security. The upside of this is that the book really focuses on a step-wise approach of adding security functionality to the site, using the site as a baseline template to which we bolt on different things. In some cases this really doesn't make sense (for example, using CAS authentication against a true e-commerce site would be nonsensical), but the consistency and reuse of the same site throughout the book allows us to focus on only those configuration elements that you are required to add to enable a particular type of integration or feature.

There's certainly a lot more I would have liked to include - as I say on the book's web site and in the introduction, the book is not a reference manual, and it doesn't cover everything in the framework - but it's not intended to be, it's intended to cover in an appropriate and clear level of detail many of the key architectural and conceptual elements required to implement Spring Security, and many of the key integration points that the framework has. Some may find it frustrating that I didn't cover a particular topic near and dear to them, and for this I apologize! My hope is that even if I don't cover something in particular (basic authentication being an example), I cover things similar enough to it that understanding the concepts, plus the implementation of similar features, will enable the reader to be far more productive than simply reading the (excellent) reference documentation that comes with Spring Security 3.

Hope that's not too long-winded an answer to your question!

Peter
 
Gian Franco
blacksmith
Ranch Hand
Posts: 979
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
long-winded...not at all, thanks for the explanation!

Gian
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic