aspose file tools*
The moose likes Spring and the fly likes Security Role Mapping in Spring Security. Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Frameworks » Spring
Bookmark "Security Role Mapping in Spring Security." Watch "Security Role Mapping in Spring Security." New topic
Author

Security Role Mapping in Spring Security.

Skanda Raman
Ranch Hand

Joined: Mar 21, 2008
Posts: 205

I am new to springs security and trying to configure spring security in my application. My application server is WAS. Initially the application security was set up as below in deployment descriptor.



Now I have configured the application using spring security as below.



When I deploy my application in WAS earlier, USER role would map to security role mappings. All users configured in AD base will be thus validated.

Now -

How can I set up the USER Role in Spring Security?

Can I mention the security role as done in web.xml explicitly so that there are no username/password listed in security file as above.

Skanda
Skanda Raman
Ranch Hand

Joined: Mar 21, 2008
Posts: 205

Any help on this?
bala nannaka
Ranch Hand

Joined: Apr 02, 2007
Posts: 49
You can use
<sec:authentication-manager alias="authenticationManager">
<sec:authentication-provider ref="preauthAuthProvider" />
</sec:authentication-manager>

<bean id="preauthAuthProvider" class="org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider">
<property name="preAuthenticatedUserDetailsService">
<bean id="userDetailsServiceWrapper" class="org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper">
<property name="userDetailsService" ref="userDetailsService" />
</bean>
</property>
</bean>

Where userDetailService is the service which will return all the user related inforamtion and you can map roles using below code

<bean id="userDetailsService" class="Your Service Class">
<property name="userRoles2GrantedAuthoritiesMapper">
<bean class="org.springframework.security.core.authority.mapping.SimpleAttributes2GrantedAuthoritiesMapper">
<property name="attributePrefix" value="ROLE_" />
</bean>
</property>
</bean>
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Security Role Mapping in Spring Security.