aspose file tools*
The moose likes Spring and the fly likes Question on Spring Security & Spring MVC. Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Spring in Action this week in the Spring forum!
JavaRanch » Java Forums » Frameworks » Spring
Bookmark "Question on Spring Security & Spring MVC." Watch "Question on Spring Security & Spring MVC." New topic
Author

Question on Spring Security & Spring MVC.

Vivek Alampally
Ranch Hand

Joined: Jul 10, 2008
Posts: 67
Hi All,
I am using Spring MVC and Spring Security to implement a small application. I am relatively new in using both the technologies.


My problem is When a User enters some urls based on the some pattern, I want to intercept that using some things like controller/ a custom filter.
In that cusom filter/controller I will do checks and decide, what to do next like whether user should be allowed to pass to the requested url (based on access the user posses) ,whether he should be denied, whether he should be forwarded to some other page.

I am currently using filters defined by Spring Security to intercept URLS.

So, my question is

How to plug in custom filter like this to other existing filters?

I have other question also ,

What difference does it make, if I use a custom filter instead of controller method.

Let me know if you have any questions regarding the problem I have.

And, thanks for sharing your knowledge and valuable time.

I have posted this question on Spring official forum http://forum.springsource.org/showthread.php?112090-Question-on-Spring-Security-amp-Spring-MVC.&p=371642#post371642

Vivek.
Prasad Krishnegowda
Ranch Hand

Joined: Apr 25, 2010
Posts: 538

Vivek Alampally wrote:

My problem is When a User enters some urls based on the some pattern, I want to intercept that using some things like controller/ a custom filter.
In that cusom filter/controller I will do checks and decide, what to do next like whether user should be allowed to pass to the requested url (based on access the user posses) ,whether he should be denied, whether he should be forwarded to some other page.


This is what spring security will do. When a user enters some url, it searches if user has an established session, if session, it checks the roles he/she is having and if the user having that role is allowed view the page requested, it shows them the page, if not, it shows them the access-denied page. If session doesn't exists for that user, it routes them to login page.

Why you want to reinvent the wheel?
Tommy Delson
Ranch Hand

Joined: Apr 13, 2011
Posts: 206
Spring has everything to implement the Security feature, all you need to do is make a configuration and enforce the security.

Part of the implementation and how to do it we let you start from there, we'll walk through if you have any further question.


OCPJP6-05-11
"Your life is in your hands, to make of it what you choose."
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Question on Spring Security & Spring MVC.