Skip to content
Andrei Mladin edited this page Mar 13, 2014 · 53 revisions

Modules

Core - spring-security-core.jar

  • Contains core authentication and access-contol classes and interfaces, remoting support and basic provisioning APIs
  • Required by any application which uses Spring Security
  • Supports standalone applications, remote clients, method (service layer) security and JDBC user provisioning

Web - spring-security-web.jar

  • Contains filters and related web-security infrastructure code
  • You'll need it if you require Spring Security web authentication services and URL-based access-control.

LDAP

  • LDAP authentication and provisioning code.
  • Required if you need to use LDAP authentication or manage LDAP user entries

ACL

  • Specialized domain object ACL implementation
  • Used to apply security to specific domain object instances within your application

CAS

  • Spring Security's CAS client integration
  • If you want to use Spring Security web authentication with a CAS single sign-on server

web.xml configuration

Security Filter

<filter>

<filter-name>springSecurityFilterChain</filter-name>

<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>

</filter> <filter-mapping>

<filter-name>springSecurityFilterChain</filter-name>

<url-pattern>/*</url-pattern>

</filter-mapping>

Authentication

Authorization

Roles & Permissions

Role hierarchy

Clone this wiki locally