Tom Rose

Greenhorn
+ Follow
since Apr 10, 2012
Merit badge: grant badges
For More
Cows and Likes
Cows
Total received
0
In last 30 days
0
Total given
0
Likes
Total received
0
Received in last 30 days
0
Total given
1
Given in last 30 days
0
Forums and Threads
Scavenger Hunt
expand Ranch Hand Scavenger Hunt
expand Greenhorn Scavenger Hunt

Recent posts by Tom Rose

It does. Thank you for responding! I'm hoping to win one. I find your book very interesting and I think I'm going to buy it and if I win one I'll keep it at work.
8 years ago
One of the biggest challenges I think that many developers have is when you are looking at code and looking to improve it we are faced with the question "Who is going to pay for those changes". Adam, I would be interested in hearing from your past experiences any approaches that you may of taken.

8 years ago
Thank you very much! It's now working. I did have an object defined that extended AbstractSecurityWebApplicationInitializer, just forgot to include it in my sample code.

Again thank you everyone for your help. Happy New Year to all.


Bill Gorder wrote:Configure it on your AuthenticationManager. In your case you probably want the global one.



Your WebApplicationInitializer looks good but I don't see one to also register the SpringSecurity Filter chain

Add another one that looks like this, it can be empty the abstract class does the work:



10 years ago
OK, I added that to my root config and placed a system out in the method just to confirm the bean was loading. This didn't seem to solve the problem. I have 2 users created in my user table. One named user1 with password "cleartext" and second user2 with password (encrypted with MD5 when added to the mysql database). I was unable to authenticate with user2 but still was able to authenticate with user1 which seems to tell me that the password encoder is not registering on the spring side with the form password.


Jeanne Boyarsky wrote:In your Root Config class, add:



If this doesn't work, post what error message you get or why it doesn't work.

10 years ago
I'm using spring security with MySql for the database. Spring Security version is 3.2.0.RELEASE

First, I know MD5 should be swapped out with BCrypt encryption. I'm trying to teach myself spring security via the annotation method (@Configuration, @EnableWebSecurity). I was using an old program that had an MD5 password encoder defined.

If I was using spring security with xml files and had:



What would be the equivalent way to implement this without the use of the xml file?

I currently do have this running with unencrypted passwords so I know it is working.

Here's my code:
MvcWebApplicationInitializer


RootConfig.java


SecurityConfig.java


WebMvcConfiguration.java


WebAppConfig


LoginServiceMySqlImpl


Let me know if you need anymore information. If you want, you can use BCrypt with your example. I followed some spring examples and did create a test user in my user database table that has a BCrypt password. I appreciate anyone who can provide some guidance with this. Thanks!
10 years ago
Prateek and William, thanks for your input.

William, I was trying some stuff out last night and was able to get it to work by defining a bean configuration and placing it in the classpath:


How would the coding look if I used the Spring IntializingBean? Would it be possible for you to put something quick together, or am I on the right path with my experimenting?

Thanks,

William P O'Sullivan wrote:We implement the Spring InitializingBean which allows us to merge an external config.properties file
to any System properties passed to the vm using -D.

This file lives outside the deployed war so any changes, passwords etc. are controlled by admins
at the filesystem level. This also allows use to use one pre-built war for many instalations by
simply putting a -Denv=??? on the JBoss startup.

WP

11 years ago
I'm really stumped on what is the best practice for utilizing configuration files in a spring application. I would like to somehow have a property file that contains some specific information such as an ip address to use when using FTP to send a file. I would also like this to be configurable by a user so they can change the location of the property file if needed. Can someone point me in the right direction. I have tried different examples using PropertyPlaceHolderConfigurer to Annotations and just cannot seem to get a working example. During a transaction to a method in my controller, I would like to read this setting. Any help would be appreciated. Thanks.
11 years ago