February 01, 2011
Mark Wielaard: New GPG key.
Finally created a new GPG key using gnupg. The old one was a DSA/1024 bits one and 8 years old. The new one is a RSA/2048 bits one. I will use the new one in the future to sign any release tarballs I might create. pub 2048R/57816A6A 2011-01-29 Key f...
More »
February 01, 2011
Andrew Hughes: [SECURITY] IcedTea6 1.7.8, 1.8.5, 1.9.5 Released!.
We are pleased to announce a new set of security releases, IcedTea6 1.7.8, IcedTea6 1.8.5 and IcedTea6 1.9.5.
This update contains the following security updates:
The IcedTea project provides a harness to build the source code from OpenJDK6 u...
More »
December/2024
Sun | Mon | Tue | Wed | Thu | Fri | Sat |
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 |
28 | 29 | 30 | 31 | | | | |
|
|
home > news >
java technology >
using spring security to enforce authentication and authorization on spring remoting services invoked from a java se client...
Using Spring Security to enforce authentication and authorization on Spring Remoting Services Invoked from a Java SE client...
Spring framework is one of the biggest and the most comprehensive frameworks Java Community can utilize to cover most of the end to end requirement of a software system when it come to implementation.
Spring Security and Spring Remoting are two important parts of the framework which covers security in a descriptive way and let us have remote invocation of a spring bean methods using a local proxy.
In this entry I will show you how we can use spring security to secure a spring bean exposed over HTTP and invoke its secured methods from an standalone client. In our sample we are developing an Spring service which returns the list of roles which are assigned to that currently authenticated user. I will develop a simple web application congaing an secured Spring service then I will develop a simple Java SE client to invoke that secured service.
To develop the service we need to have a service interface which is as follow:
package springhttp;
public interface SecurityServiceIF {
public String[] getRoles();
}
Then we need to have an implementation of this interface which will do the actual job of extracting the roles for the currently authenticated user.
package springhttp;
public class SecurityService implements SecurityServiceIF {
public String[] getRoles() {
Collection col = SecurityContextHolder.getContext().getAuthentication().getAuthorities...
Date: March, 18 2010
Url: http://www.java.net/blog/kalali/archive/2010/03/18/using-spring-security-enforce-authentication-and-authorization-spring
Others News
|