This week's book giveaway is in the Clojure forum.
We're giving away four copies of Clojure in Action and have Amit Rathore and Francis Avila on-line!
See this thread for details.
Win a copy of Clojure in Action this week in the Clojure forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Question on Spring Security & Spring MVC.

 
Vivek Alampally
Ranch Hand
Posts: 67
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi All,
I am using Spring MVC and Spring Security to implement a small application. I am relatively new in using both the technologies.


My problem is When a User enters some urls based on the some pattern, I want to intercept that using some things like controller/ a custom filter.
In that cusom filter/controller I will do checks and decide, what to do next like whether user should be allowed to pass to the requested url (based on access the user posses) ,whether he should be denied, whether he should be forwarded to some other page.

I am currently using filters defined by Spring Security to intercept URLS.

So, my question is

How to plug in custom filter like this to other existing filters?

I have other question also ,

What difference does it make, if I use a custom filter instead of controller method.

Let me know if you have any questions regarding the problem I have.

And, thanks for sharing your knowledge and valuable time.

I have posted this question on Spring official forum http://forum.springsource.org/showthread.php?112090-Question-on-Spring-Security-amp-Spring-MVC.&p=371642#post371642

Vivek.
 
Prasad Krishnegowda
Ranch Hand
Posts: 665
4
Eclipse IDE Java Spring
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Vivek Alampally wrote:

My problem is When a User enters some urls based on the some pattern, I want to intercept that using some things like controller/ a custom filter.
In that cusom filter/controller I will do checks and decide, what to do next like whether user should be allowed to pass to the requested url (based on access the user posses) ,whether he should be denied, whether he should be forwarded to some other page.


This is what spring security will do. When a user enters some url, it searches if user has an established session, if session, it checks the roles he/she is having and if the user having that role is allowed view the page requested, it shows them the page, if not, it shows them the access-denied page. If session doesn't exists for that user, it routes them to login page.

Why you want to reinvent the wheel?
 
Tommy Delson
Ranch Hand
Posts: 206
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Spring has everything to implement the Security feature, all you need to do is make a configuration and enforce the security.

Part of the implementation and how to do it we let you start from there, we'll walk through if you have any further question.

 
I agree. Here's the link: http://aspose.com/file-tools
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic