Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Already on GitHub? Sign in to your account

SEC-1093: Add namespace support for the J2EE processing filter #1344

Closed
spring-issuemaster opened this Issue Feb 3, 2009 · 1 comment

Comments

Projects
None yet
1 participant

Ruud Senden(Migrated from SEC-1093) said:

AFAIK currently there is no namespace support for J2EE security. I think J2EE security integration can be configured much more easily if namespace support for this feature is added to Spring Security.

Basically, default configuration of J2EE security could then look like this:
sec:http
sec:logout/


sec:j2ee/
/sec:http

Here, the sec:j2ee/ tag should configure the PreAuthenticatedProcessingFilterEntryPoint, the J2eePreAuthenticatedProcessingFilter (defaulting to reading the mappable roles from web.xml and using the SimpleAttribute2GrantedAuthoritiesMapper), and the PreAuthenticatedAuthenticationProvider together with the PreAuthenticatedGrantedAuthoritiesUserDetailsService.

So, basically the configuration snippet listed above would be equivalent to the following verbose configuration:

```


```

Luke Taylor said:

This has been implemented, but in a simpler way, using the SimpleAttributes2GrantedAuthoritiesMapper as the default for obtaining the possible roles, rather than attempting to parse the web.xml.

@spring-issuemaster spring-issuemaster added this to the 3.1.0.M1 milestone Feb 5, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment