Spring Security 3.x Cookbook
上QQ阅读APP看书,第一时间看更新
上一章目录下一章

Struts 2 application with basic Spring Security

In this section we will demonstrate basic Spring Security authentication with Struts 2. We will create a sample Struts 2 application and add Spring Security features to the action to make it secured. Only authenticated authorized users can access it.

Getting ready

  • Update the Applicationcontext-security.xml file
  • Create a new dynamic project in Eclipse: Struts2_Spring_BASIC_Security_Recipe2

How to do it...

Perform the following steps for integrating the Struts 2 application with Spring Security to implement basic authentication:

  1. Modify the applicationcontext-security.xml file to support basic security:

    Applicationcontext-security.xml:

    <beans:beans xmlns="http://www.springframework.org/schema/security"
   xmlns:beans="http://www.springframework.org/schema/beans" 
   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
   xsi:schemaLocation="http://www.springframework.org/schema/beans
   http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
   http://www.springframework.org/schema/security
   http://www.springframework.org/schema/security/spring-security-3.1.xsd">
 
 <global-method-security pre-post-annotations="enabled">
        <!-- AspectJ pointcut expression that locates our "post" method and applies security that way
        <protect-pointcut expression="execution(* bigbank.*Service.post*(..))" access="ROLE_TELLER"/>
        -->
    </global-method-security>

  <http>
   <intercept-url pattern="/welcome" access="ROLE_TELLER" />
   <http-basic />
  </http>
   <authentication-manager>
     <authentication-provider>
       <user-service>
         <user name="anjana" password="123456" authorities="ROLE_TELLER" />
       </user-service>
     </authentication-provider>
   </authentication-manager>
</beans:beans>

How it works...

When the user runs the Struts 2 application and tries to access the secured resource, the Spring Security context is initialized and the Struts 2 action is interrupted with Spring's login dialog box, which will request the username and password. On successful authentication, the user will be redirected to the Struts 2 action page.

The following is the workflow of the application:

Struts 2 and Spring basic security on browser:

How it works...

See also

  • The Using Struts 2 with digest/hashing-based Spring Security recipe
本周热推:
Spring Cloud 微服务分布式架构开发实战Mastering Delphi Programming:A Complete Reference GuideCANoe开发从入门到精通新型复印机·传真机维修数据速查宝典VCD、DVD原理与维修
上一章目录下一章