| Author |
Question on Spring Security & Spring MVC.
|
Vivek Alampally
Ranch Hand
Joined: Jul 10, 2008
Posts: 67
|
|
Hi All,
I am using Spring MVC and Spring Security to implement a small application. I am relatively new in using both the technologies.
My problem is When a User enters some urls based on the some pattern, I want to intercept that using some things like controller/ a custom filter.
In that cusom filter/controller I will do checks and decide, what to do next like whether user should be allowed to pass to the requested url (based on access the user posses) ,whether he should be denied, whether he should be forwarded to some other page.
I am currently using filters defined by Spring Security to intercept URLS.
So, my question is
How to plug in custom filter like this to other existing filters? 
I have other question also ,
What difference does it make, if I use a custom filter instead of controller method.
Let me know if you have any questions regarding the problem I have.
And, thanks for sharing your knowledge and valuable time.
I have posted this question on Spring official forum http://forum.springsource.org/showthread.php?112090-Question-on-Spring-Security-amp-Spring-MVC.&p=371642#post371642
Vivek.
|
 |
Prasad Krishnegowda
Ranch Hand
Joined: Apr 25, 2010
Posts: 503
|
|
Vivek Alampally wrote:
My problem is When a User enters some urls based on the some pattern, I want to intercept that using some things like controller/ a custom filter.
In that cusom filter/controller I will do checks and decide, what to do next like whether user should be allowed to pass to the requested url (based on access the user posses) ,whether he should be denied, whether he should be forwarded to some other page.
This is what spring security will do. When a user enters some url, it searches if user has an established session, if session, it checks the roles he/she is having and if the user having that role is allowed view the page requested, it shows them the page, if not, it shows them the access-denied page. If session doesn't exists for that user, it routes them to login page.
Why you want to reinvent the wheel?
|
Regards, Prasad
SCJP 5 (93%)
|
|
Tommy Delson
Ranch Hand
Joined: Apr 13, 2011
Posts: 206
|
|
Spring has everything to implement the Security feature, all you need to do is make a configuration and enforce the security.
Part of the implementation and how to do it we let you start from there, we'll walk through if you have any further question.
|
OCPJP6-05-11
"Your life is in your hands, to make of it what you choose."
|
|
 |
I agree. Here's the link: jrebel
|
|
subject: Question on Spring Security & Spring MVC.
|
|
|
0
