Sunday, August 26, 2007

Spring Acegi Tutorial

Spring Acegi Tutorial

A tutorial on using the Spring Acegi Security Framework to secure web applications.



Table
of Contents


1 Introduction 3

1.1 Why this
tutorial 3

1.2 Tutorial
objectives 3

2 Sources, IDE & other bare
necessities 4

2.1 Sources 4

2.2 IDE &
Application server 4

2.3 Other bare
necessities: Spring and Acegi 4

3 A short discussion on security 5

3.1
Authentication 5

3.2
Authorization 5

3.3 The Four
Checks 6

4 The example application 7

4.1
Functionality 7

4.1.1 The Normal
User area 7

4.1.2 The
Administrator area 9

5 Acegi Web Security 11

5.1 The
Authentication object 11

5.2 Filters 11

5.3
Configuration 11

5.3.1 The Filter
Chain 12

5.3.2 The
AuthenticationProcessingFilter 12

5.3.3 The
HttpSessionContextIntegrationFilter 14

5.3.4 The
ExceptionTranslationFilter 14

5.3.5
FilterSecurityInterceptor 15

5.4 Using an
authentication database through JDBC 18

6 To conclude 19

7 Resources 19

0 comments: