Understanding Class Loaders in JAVA

 

                            NOTE: Source Code available for download at the bottom of the page

What are we going to learn?
   In this tutorial we will learn how to build Authentication and Authorization mechanism around the web project. We will use our Spring MVC project LINK and build security around it.

NOTE : Please go through the following link to setup Spring MVC Employee Project SPRING MVC EMPLOYEE PROJECT

What's needed?
  • Maven
  • JDK 1.5 or higher
  • eclipse 
  • Tomcat
Steps Involved:
 Step 1: Set up Spring MVC project as shown in SPRING MVC EMPLOYEE PROJECT
 Step 2: Update pom files for required libraries
 Step 3: Update web.xml file to provide Spring security configuration.
 Step 4: Create spring-security.xml configuration file to define the security configuration that we need.
 Step 5: Provide Log out link.

Let's get started.

Step 2: Update pom files for required libraries

pom.xml 
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
	<modelVersion>4.0.0</modelVersion>
	<groupId>com.javavision</groupId>
	<artifactId>Employye</artifactId>
	<packaging>war</packaging>
	<version>0.0.1-SNAPSHOT</version>
	<name>Employye Maven Webapp</name>
	<url>http://maven.apache.org</url>
	<dependencies>
		<dependency>
			<groupId>junit</groupId>
			<artifactId>junit</artifactId>
			<version>3.8.1</version>
			<scope>test</scope>
		</dependency>

		<dependency>
			<groupId>org.springframework</groupId>
			<artifactId>spring-webmvc</artifactId>
			<version>4.0.2.RELEASE</version>
		</dependency>

		<dependency>
			<groupId>javax.validation</groupId>
			<artifactId>validation-api</artifactId>
			<version>1.1.0.Final</version>
		</dependency>

		<dependency>
			<groupId>org.hibernate</groupId>
			<artifactId>hibernate-validator</artifactId>
			<version>5.1.0.CR1</version>
		</dependency>

		<dependency>
			<groupId>org.springframework.security</groupId>
			<artifactId>spring-security-core</artifactId>
			<version>3.2.3.RELEASE</version>
		</dependency>

		<dependency>
			<groupId>org.springframework.security</groupId>
			<artifactId>spring-security-config</artifactId>
			<version>3.2.3.RELEASE</version>
		</dependency>

		<dependency>
			<groupId>org.springframework.security</groupId>
			<artifactId>spring-security-web</artifactId>
			<version>3.2.3.RELEASE</version>
		</dependency>

		<dependency>
			<groupId>jstl</groupId>
			<artifactId>jstl</artifactId>
			<version>1.2</version>
		</dependency>

	</dependencies>
	<build>
		<finalName>Employee</finalName>
	</build>
</project>



Step 3: Update web.xml file to provide Spring security configuration.

web.xml
<!DOCTYPE web-app PUBLIC
 "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
 "http://java.sun.com/dtd/web-app_2_3.dtd" >

<web-app>
	<display-name>Employee Project SPRING WEB MVC</display-name>

	<context-param>
		<param-name>contextConfigLocation</param-name>
		<param-value>
			/WEB-INF/spring-security.xml
		</param-value>
	</context-param>

	<filter>
		<filter-name>springSecurityFilterChain</filter-name>
		<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
	</filter>

	<filter-mapping>
		<filter-name>springSecurityFilterChain</filter-name>
		<url-pattern>/*</url-pattern>
	</filter-mapping>

	<listener>
		<listener-class>org.springframework.web.context.ContextLoaderListener
		</listener-class>
	</listener>


	<servlet>
		<servlet-name>Employee</servlet-name>
		<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
		<init-param>
			<param-name>contextConfigLocation</param-name>
			<param-value>
				/WEB-INF/employee-servlet.xml
			</param-value>
		</init-param>
	</servlet>

	<servlet-mapping>
		<servlet-name>Employee</servlet-name>
		<url-pattern>/</url-pattern>
	</servlet-mapping>

</web-app>



All the traffic <url-pattern>/*</url-pattern> is routed to springSecurityFilterChain filter which is the Spring DelegatingFilterProxy.



Step 4: Create spring-security.xml configuration file to define the security configuration that we need.

spring-security.xml 
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/beans
       http://www.springframework.org/schema/beans/spring-beans.xsd
       http://www.springframework.org/schema/context 
       http://www.springframework.org/schema/context/spring-context.xsd
       http://www.springframework.org/schema/security
       http://www.springframework.org/schema/security/spring-security.xsd">


 
	<http auto-config="true">
		<intercept-url pattern="/**" access="ROLE_USER" />
	</http>
 
	<authentication-manager>
	  <authentication-provider>
	    <user-service>
		<user name="visionjava" password="test1234" authorities="ROLE_USER" />
	    </user-service>
	  </authentication-provider>
	</authentication-manager>
 
</beans:beans>


http auto-config="true" -- Provides us the default Login Page provided by Spring.

user-service - User are defined here.



Step 5: Provide Log Out link.

<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<html>
<body>

	<div style="float: right; margin-right: 190px;">

		<a href="<c:url value="j_spring_security_logout" />"
			style="color: red;"> Logout</a>

	</div>

	<h2>Employee Home Page!</h2>
</body>
</html>



<a href="<c:url value="j_spring_security_logout" />" provides the log out link.


Output:

Default Login Page provided by Spring

Home Page with Log Off





Project Structure:


Spring Security Basic Authentication



Source Code : EmployeeMVCSpringSecurityBasic.rar
Web Analytics