aspose file tools*
The moose likes Spring and the fly likes Spring 3 Security Book Approach Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Java 8 in Action this week in the Java 8 forum!
JavaRanch » Java Forums » Frameworks » Spring
Bookmark "Spring 3 Security Book Approach" Watch "Spring 3 Security Book Approach" New topic
Author

Spring 3 Security Book Approach

Mark Reyes
Ranch Hand

Joined: Jul 09, 2007
Posts: 426
Hi Peter,

I just recently learned about spring framework and still trying to understand some nitty gritty details.
I am using it in my sample application right now.

Often, when I hear about web-app security, its the job of the architect to deal with it.

I basically perform some simple security aspects such as DB Validation/restrict access to certain urls.
Other than that, I must admit that my knowledge about security is a little shallow.

My question would be, can a beginner like me can catch up with the examples in the book?
I mainly use Tomcat as the Web Server, does this book has preference to others(Apache/Websphere/JBOSS)?


Thanks.


Sean Clark ---> I love this place!!!
Me ------> I definitely love this place!!!
Peter Mularien
Author
Ranch Hand

Joined: Sep 06, 2007
Posts: 84
Hello Mark,

Definitely! Actually, for convenience and out of its familiarity to most developers, we use Tomcat for all the examples in this book. The application is a (purposely) very simple "e-commerce" site (see this thread for a more detailed explanation of the design choices), and we start with conceptual building blocks (what is authentication? what is authorization?) as well as technical building blocks (how does a servlet filter chain work?) as we progressively secure the example site.

I certainly intended for this book to be very accessible to beginners (although we assume you know something about Spring, we don't use any advanced features of it), and I haven't (yet) had any feedback from readers that it's not - in fact, quite the opposite, all the feedback I've personally received thus far has been very positive

Based on the needs you list for your application (URL restriction, database validation), it sounds like Spring Security would replace a lot of your code with (most likely) a much simpler out of the box solution - if you're using Spring already, you should definitely check it out

I hope that answers your question!

Best
Peter


Author, Spring Security 3 (the Book), Packt Publishing, 2010
SCJP, OCP
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Spring 3 Security Book Approach
 
Similar Threads
New to Spring
Spring 3 security?
Spring Web Flow 2 Web Development
Springļæ½s ROI
Does Spring Web Flow 2 have role based authorization to execute flow feature?