Using Spring Security to enforce authentication and authorization on Spring Remoting Services Invoked from a Java SE client...

Spring framework is one of the biggest and the most comprehensive frameworks Java Community can utilize to cover most of the  end to end requirement of a software system when it come to implementation. Spring Security and Spring Remoting are two important parts of the framework which covers security in a descriptive way and let us have remote invocation of a spring bean methods using a local proxy. In this entry I will show you how we can use spring security to secure a spring bean exposed over HTTP and invoke its secured methods from an standalone client. In our sample we are developing an Spring service which returns the list of roles which are assigned to that currently authenticated user. I will develop a simple web application congaing an secured Spring service then I will develop a simple Java SE client to invoke that secured service. To develop the service we need to have a service interface which is as follow: package springhttp; public interface SecurityServiceIF { public String[] getRoles(); } Then we need to have an implementation of this interface which will do the actual job of extracting the roles for the currently authenticated user. package springhttp; public class SecurityService implements SecurityServiceIF {     public String[] getRoles() {         Collection col = SecurityContextHolder.getContext().getAuthentication().getAuthorities...

Date: March, 18 2010
Url: http://www.java.net/blog/kalali/archive/2010/03/18/using-spring-security-enforce-authentication-and-authorization-spring

Others News