aspose file tools*
The moose likes Spring and the fly likes Is using Spring Security more secure than providing your own simple authentication? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Frameworks » Spring
Bookmark "Is using Spring Security more secure than providing your own simple authentication?" Watch "Is using Spring Security more secure than providing your own simple authentication?" New topic
Author

Is using Spring Security more secure than providing your own simple authentication?

Monica. Shiralkar
Ranch Hand

Joined: Jul 07, 2012
Posts: 639
Is using Spring Security more secure than providing your own simple authentication(login logout using session).?
Prasad Krishnegowda
Ranch Hand

Joined: Apr 25, 2010
Posts: 510

It depends on what's your definition of secure?

If only login/logout is you definition, then we cant compare, both may be same.
one reason, which i can think of to using spring security, even in this case is, session fixation problem can be easily solved using spring security, which may not be case if we just use our own login mechanism.

Using spring security is always recommended, instead of we implementing login/logout functionality, why do you want to reinvent the wheel when its already invented?
It helps in future to implement SSO and so on..

Regards, Prasad
SCJP 5 (93%)
Monica. Shiralkar
Ranch Hand

Joined: Jul 07, 2012
Posts: 639
Thanks.I got the answer to some extent.i meant to ask are applications with Spring Security integrated more secure than normal Applications?What did you mean by 'session fixation problem'
Prasad Krishnegowda
Ranch Hand

Joined: Apr 25, 2010
Posts: 510

Monica. Shiralkar wrote:are applications with Spring Security integrated more secure than normal Applications?

We can frame this sentence as "applications with Spring Security integrated are more easier to be made secure than normal Applications."

However as i wrote earlier..
Prasad Krishnegowda wrote:It depends on what's your definition of secure?


Monica. Shiralkar wrote:What did you mean by 'session fixation problem'

See this http://en.wikipedia.org/wiki/Session_fixation


 
It is sorta covered in the JavaRanch Style Guide.
 
subject: Is using Spring Security more secure than providing your own simple authentication?