Tag Archives: spring security
Using Spring Social GitHub to access secured GitHub data
At my Skydingo blog (a devops blog written in collaboration with Paul Jenson) I just wrote a quick post with some screenshots of an open source, Spring-based CMDB I’m building called Skybase. In the current post I want to show … Continue reading
Posted in Chapter 11 - CMDB, Tutorials
Tagged github, oauth2, spring security, spring social, spring social github, web services
Leave a comment
Quick tip: avoid rule duplication when using security:authorize
Spring Security features a tag that allows us to show or hide JSP content based on access rules we can define. Here’s an example: <security:authorize access=”hasRole(‘admin’)”> <a href=”/main/admin.html”>Admin</a> <security:authorize> This is probably the most common way to use the tag. … Continue reading
Posted in Chapter 07 - Authorization, Quick Tips
Tagged authorization, spring, spring security
Leave a comment
Quick tip: upgrade a legacy password storage scheme
This one’s a Spring Security quick tip that I wanted to share. Suppose that you have a password storage scheme that stores passwords as plaintext, and you want to upgrade that to storing hashes. No problem; simply replace the plaintext … Continue reading
Posted in Chapter 06 - Authentication, Quick Tips
Tagged authentication, hash, password, salt, spring security
Leave a comment
Spring Security 3 DZone Refcard and interview
My Spring Security 3 Refcard is out. It covers expression-based authorization in Spring Security 3. There is also a supporting interview about the Refcard. The interview goes into more depth about some security principles like whitelisting and data-driven security, and … Continue reading
Posted in Chapter 07 - Authorization, News
Tagged authorization, dzone, expressions, refcard, spring, spring security, whitelisting
Leave a comment
Spring Security 3 database schemas for MySQL
In preparation for a DZone Refcard on Spring Security 3 I’m doing, here are the Spring Security database schemas for MySQL. This isn’t intended to be an exhaustive treatment. Rather it’s more a reference for the MySQL dialect version of … Continue reading
Posted in Chapter 06 - Authentication, Chapter 07 - Authorization, Reference
Tagged mysql, schemas, security, spring, spring security
7 Comments
Hashing and salting passwords with Spring Security 2
This post was originally written as a recipe for our book Spring in Practice, but we just didn’t have enough room to include it. It’s still (we think, anyway) a great recipe, so we’re making it available here free of … Continue reading
Posted in Chapter 06 - Authentication, Tutorials
Tagged authentication, cryptography, hash, salt, security, spring security
15 Comments
Excerpt: Login and remember-me discussion
Spring in Practice centers on using Spring to implement technical solutions to common problems, but it’s also important for developers to understand the problem they’re trying to solve before implementing a solution. In the book we work pretty hard to … Continue reading
Posted in Chapter 06 - Authentication, News
Tagged authentication, login, openid, passwords, remember-me, security, spring security, sso
Leave a comment
Acegi overview (now Spring Security)
I wrote this back when Spring Security was called Acegi. Now it’s out of date, but I’m leaving it in the archive. Acegi has been around for a while, but I just recently tried it out and am impressed with … Continue reading
Posted in Chapter 06 - Authentication, Chapter 07 - Authorization, Tutorials
Tagged acegi, security, spring security
Leave a comment
