File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Spring and the fly likes Question on Spring Security & Spring MVC. Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Frameworks » Spring
Bookmark "Question on Spring Security & Spring MVC." Watch "Question on Spring Security & Spring MVC." New topic
Author

Question on Spring Security & Spring MVC.

Vivek Alampally
Ranch Hand

Joined: Jul 10, 2008
Posts: 67
Hi All,
I am using Spring MVC and Spring Security to implement a small application. I am relatively new in using both the technologies.


My problem is When a User enters some urls based on the some pattern, I want to intercept that using some things like controller/ a custom filter.
In that cusom filter/controller I will do checks and decide, what to do next like whether user should be allowed to pass to the requested url (based on access the user posses) ,whether he should be denied, whether he should be forwarded to some other page.

I am currently using filters defined by Spring Security to intercept URLS.

So, my question is

How to plug in custom filter like this to other existing filters?

I have other question also ,

What difference does it make, if I use a custom filter instead of controller method.

Let me know if you have any questions regarding the problem I have.

And, thanks for sharing your knowledge and valuable time.

I have posted this question on Spring official forum http://forum.springsource.org/showthread.php?112090-Question-on-Spring-Security-amp-Spring-MVC.&p=371642#post371642

Vivek.
Prasad Krishnegowda
Ranch Hand

Joined: Apr 25, 2010
Posts: 507

Vivek Alampally wrote:

My problem is When a User enters some urls based on the some pattern, I want to intercept that using some things like controller/ a custom filter.
In that cusom filter/controller I will do checks and decide, what to do next like whether user should be allowed to pass to the requested url (based on access the user posses) ,whether he should be denied, whether he should be forwarded to some other page.


This is what spring security will do. When a user enters some url, it searches if user has an established session, if session, it checks the roles he/she is having and if the user having that role is allowed view the page requested, it shows them the page, if not, it shows them the access-denied page. If session doesn't exists for that user, it routes them to login page.

Why you want to reinvent the wheel?


Regards, Prasad
SCJP 5 (93%)
Tommy Delson
Ranch Hand

Joined: Apr 13, 2011
Posts: 206
Spring has everything to implement the Security feature, all you need to do is make a configuration and enforce the security.

Part of the implementation and how to do it we let you start from there, we'll walk through if you have any further question.


OCPJP6-05-11
"Your life is in your hands, to make of it what you choose."
 
Consider Paul's rocket mass heater.
 
subject: Question on Spring Security & Spring MVC.
 
Similar Threads
explicitly making any user logout from the site
Need help in desgining the application.
Security in Interceptor Filter
Interceptor inside applicationcontext.xml?
Spring + MVC pattern in non-web application