• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

[Spring 3 Security] Integration with AJAX frameworks

 
Vikas Kapoor
Ranch Hand
Posts: 1374
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello Peter,

I would like to know if your book covers security integration with various AJAX frameworks. I quickly go through the TOC but could not spot it. Actually, in my current project we are facing some issue regarding integration of security 2.4 and DWR. so I wonder if your book covers this.

Thank you for writing book. It surely takes lots of effort.

Is review from moderator available yet?

Thank you.
 
Peter Mularien
Author
Ranch Hand
Posts: 84
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello Vikas,

Unfortunately you are correct in that we don't specifically cover security of AJAX frameworks using Spring Security in the book. Typically, security of AJAX methods is handled through some more advanced configuration (or even customization), depending on how your AJAX calls are implemented - if they are simple REST or JSON/XML URL requests, Spring Sec can of course handle these just like any other URL - the challenge being correctly handling unauthenticated users and ensuring that they get authenticated. Typically this would happen through a combination of custom access denied handling (AuthenticationEntryPoint) and possibly custom Javascript to recognize when a "user is unauthenticated" request comes back from the server.

Actually, I did have coverage of AJAX techniques in the original outline for the book, but as I started exploring what I would need to cover, and the depth I would need to cover it (since many people really don't understand how AJAX works in the first place), it seemed like it would distract from the focus of the book, which was on the framework features and design itself. I would hope that if you were to read the book, you would have a better understanding of how to wire up AJAX in a secure fashion, even if it's not explicitly covered in the step-by-step approach that works effectively throughout the other examples in the book.

Maybe I should write a "Integrating Spring Security 3" book next

Best,
Peter
 
Vikas Kapoor
Ranch Hand
Posts: 1374
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks Peter!
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic