For the Spring configurations for JAAS implementation, we have to start from the POM file setting. Then, web.xml
and Servlet.xml
need to be configured. Finally, for the application context settings, we need to configure the application context XML file. Let's see these configuration settings one by one, as follows:
The preceding POM file has the required dependencies to create the basic JAAS-based Spring Security project. The Spring Security Core JAR file has all the JAAS components, as shown in the following:
The preceding web.xml
file has configurations for the springSecurityFilterChain
, DispatcherServlet
, ContextLoaderListener
, and url
patterns for servlet mapping:
The preceding applicationContext.xml
file has all the entries for the JAAS security settings. The http
security tag specifies the interceptor url
patterns and access roles. The authentication manager is specified as jaasAuthProvider
and you can see the configurations of DefaultJaasAuthenticationProvider...