Book Image

Spring Security 3.x Cookbook

By : Anjana Mankale
Book Image

Spring Security 3.x Cookbook

By: Anjana Mankale

Overview of this book

Web applications are exposed to a variety of threats and vulnerabilities at the authentication, authorization, service, and domain object levels. Spring Security can help secure these applications against those threats. Spring Security is a popular application security solution for Java applications. It is widely used to secure standalone web applications, portlets, and increasingly REST applications. It is a powerful and highly customizable authentication and access-control framework. It is the de-facto standard for securing Spring-based applications and it is currently used to secure numerous demanding environments including government agencies, military applications, and central banks. "Spring Security 3.x Cookbook" is a repository of recipes to help you successfully secure web applications against threats and vulnerabilities at the authentication and session level layers using the Spring Security framework. We will not only explore Spring-based web applications, but also Java-based and Grails-based applications that can use Spring Security as their security framework. Apart from conventional web applications, we will also look at securing portlets, RESTful web service applications, and other non-web applications. This book will also take you through how to integrate Spring Security with other popular web frameworks/technologies such as Vaadin, EJB, and GWT. In addition to testing and debugging the implemented security measures, this book will also delve into finer aspects of Spring Security implementation such as how it deals with concurrency, multitenancy, and customization, and we will even show you how to disable it. This book gives you an overview of Spring Security and its implementation with various frameworks. It starts with container-based authentication before taking you on a tour of the main features of Spring Security. It demonstrates security concepts like BASIC, FORM, and DIGEST authentication and shows you how to integrate the Spring Security framework with various frameworks like JSF, struts2, Vaadin, and more. The book also demonstrates how to utilize container managed security without JAAS. Then, we move on to setting up a struts2 application before showing you how to integrate Spring Security with other frameworks like JSF, Groovy, Wicket, GWT, and Vaadin respectively. This book will serve as a highly practical guide and will give you confidence when it comes to applying security to your applications. It's packed with simple examples which show off each concept of Spring Security and which help you learn how it can be integrated with various frameworks.
Table of Contents (18 chapters)
Spring Security 3.x Cookbook
Credits
About the Author
About the Reviewers
www.PacktPub.com
Preface
Index

Spring Security with Groovy Grails Basic authentication


In this recipe, we shall demonstrate Security with Groovy on Grails using the Basic authentication mechanism.

Getting ready

  • We need to create a Grails application: grailsbasicauthexample

  • Install the Spring Security plugin to the new application

  • Create User and Role classes

  • Edit the Config.groovy file

  • Edit BootStrap.groovy file

  • Create a controller: GreetingsController

How to do it…

The following steps are taken for demonstrating Basic authentication with Groovy on Grails using Spring Security:

  1. Run the following commands in the command prompt:

    • Grails create-app grailsbasicauthexample

    • cd grailsbasicauthexample

    • grails install-plugin spring-security-core

    • grails s2-quickstart com.packt SecuredUser SecuredRole

  2. Edit the config.groovy file and set the following values:

    grails.plugins.springsecurity.useBasicAuth = true
    grails.plugins.springsecurity.basic.realmName = "HTTP Basic Auth Demo"
  3. Edit the Bootstrap.groovy file:

    import com.packt.*;
    class BootStrap...