This week's book giveaway is in the OO, Patterns, UML and Refactoring forum.
We're giving away four copies of Refactoring for Software Design Smells: Managing Technical Debt and have Girish Suryanarayana, Ganesh Samarthyam & Tushar Sharma on-line!
See this thread for details.
The moose likes Spring and the fly likes Security Role Mapping in Spring Security. Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

JavaRanch » Java Forums » Frameworks » Spring
Bookmark "Security Role Mapping in Spring Security." Watch "Security Role Mapping in Spring Security." New topic

Security Role Mapping in Spring Security.

Skanda Raman
Ranch Hand

Joined: Mar 21, 2008
Posts: 205

I am new to springs security and trying to configure spring security in my application. My application server is WAS. Initially the application security was set up as below in deployment descriptor.

Now I have configured the application using spring security as below.

When I deploy my application in WAS earlier, USER role would map to security role mappings. All users configured in AD base will be thus validated.

Now -

How can I set up the USER Role in Spring Security?

Can I mention the security role as done in web.xml explicitly so that there are no username/password listed in security file as above.

Skanda Raman
Ranch Hand

Joined: Mar 21, 2008
Posts: 205

Any help on this?
bala nannaka
Ranch Hand

Joined: Apr 02, 2007
Posts: 49
You can use
<sec:authentication-manager alias="authenticationManager">
<sec:authentication-provider ref="preauthAuthProvider" />

<bean id="preauthAuthProvider" class="">
<property name="preAuthenticatedUserDetailsService">
<bean id="userDetailsServiceWrapper" class="">
<property name="userDetailsService" ref="userDetailsService" />

Where userDetailService is the service which will return all the user related inforamtion and you can map roles using below code

<bean id="userDetailsService" class="Your Service Class">
<property name="userRoles2GrantedAuthoritiesMapper">
<bean class="">
<property name="attributePrefix" value="ROLE_" />
Have you checked out Aspose?
subject: Security Role Mapping in Spring Security.
It's not a secret anymore!