Spring Security by example: set up and form authentication

Spring Security (former Acegi) is a Java library that handles authorization and authentication in web applications. Documentation on the project web site is, as expected from Spring Source, easy to read and use. I have a feeling though, that most of us first search Google for a fast, technology tutorial, before reading the docs, so in this little article I’m going to show you a few things Spring Security can do, give you a few hints and code snippets I have, after using it a little bit here and there. I’m not going to explain everything throughly, that’s what docs are for, but what is here should help to get you started (or decide whether you want to).

Since this is quite a lot of text for a blog post.

Here is the plan:

1. Set up and form authentication 

2. User in the backend (getting logged user, authentication, testing)

3. Securing web resources

4. Securing methods

5. OpenID (login via gmail)

6. OAuth2 (login via Facebook)

7. Writing on Facebook wall with Spring Social

Read more »

Published by

Jakub Nabrdalik

Solution Architect @ TouK