SEC-1093: Add namespace support for the J2EE processing filter #1344

spring-issuemaster opened this Issue Feb 3, 2009 · 1 comment

1 participant


Ruud Senden (Migrated from SEC-1093) said:

AFAIK currently there is no namespace support for J2EE security. I think J2EE security integration can be configured much more easily if namespace support for this feature is added to Spring Security.

Basically, default configuration of J2EE security could then look like this:

Here, the tag should configure the PreAuthenticatedProcessingFilterEntryPoint, the J2eePreAuthenticatedProcessingFilter (defaulting to reading the mappable roles from web.xml and using the SimpleAttribute2GrantedAuthoritiesMapper), and the PreAuthenticatedAuthenticationProvider together with the PreAuthenticatedGrantedAuthoritiesUserDetailsService.

So, basically the configuration snippet listed above would be equivalent to the following verbose configuration:


Luke Taylor said:

This has been implemented, but in a simpler way, using the SimpleAttributes2GrantedAuthoritiesMapper as the default for obtaining the possible roles, rather than attempting to parse the web.xml.

@spring-issuemaster spring-issuemaster added this to the 3.1.0.M1 milestone Feb 5, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment