This recipe extends on the previous recipe and shows a fully-functional Flight Booking application developed using Spring Web MVC that makes use of Spring Security to implement web request and method-level security. We'll look at modifications or additions that we need to make to configurations and artifacts generated by the
setup command to create a security-aware Flight Booking application.
Let's first take a quick look at the security requirements of the Flight Booking application before we delve into the details of how these requirements are met using Spring Security.
The Flight Booking application users are authenticated against Apache Directory Server, which contains application users, details and their role information. An authenticated user of the Flight Booking application can either have the role of
ROLE_APP_USER. Access to application functionality is granted or...