Skip to main content

Home/ SoftwareEngineering/ Group items tagged SpringSecurity

Rss Feed Group items tagged

Filter: All | Bookmarks | Topics Simple Middle
kuni katsuya

Frequently Answered Questions (FAQ) - 0 views

static.springsource.org/...faq.html

java security SpringSecurity requirements dependencies

shared by kuni katsuya on 09 Aug 12 - No Cached
  • 1.3.What Java and Spring Framework versions are required?
  • Spring Security 3.0 and 3.1 require at least JDK 1.5
  • and also require Spring 3.0.3 as a minimum
kuni katsuya

Spring Security - Features - 0 views

static.springsource.org/...features.html

Java security SpringSecurity

shared by kuni katsuya on 09 Aug 12 - Cached
  • Domain object instance security: In many applications it's desirable to define Access Control Lists (ACLs) for individual domain object instances. We provide a comprehensive ACL package with features including integer bit masking, permission inheritance (including blocking), an optimized JDBC-backed ACL repository, caching and a pluggable, interface-driven design.
  • OpenID Support: the web's emerging single sign-on standard (supported by Google, IBM, Sun, Yahoo and others) is also supported in Spring Security
  • Easy integration with existing databases: Our implementations have been designed to make it easy to use your existing authentication schema and data (without modification). Of course, you can also provide your own Data Access Object if you wish. Password encoding: Of course, passwords in your authentication repository need not be in plain text. We support both SHA and MD5 encoding, and also pluggable "salt" providers to maximise password security.
  • ...5 more annotations...
  • Caching: Spring Security optionally integrates with Spring's Ehcache factory. This flexibility means your database (or other authentication repository) is not repeatedly queried for authentication information when using Spring Security with stateless applications.
  • Run-as replacement: The system fully supports temporarily replacing the authenticated principal for the duration of the web request or bean invocation. This enables you to build public-facing object tiers with different security configurations than your backend objects.
  • Tag library support: Your JSP files can use our taglib to ensure that protected content like links and messages are only displayed to users holding the appropriate granted authorities. The taglib also fully integrates with Spring Security's ACL services, and obtaining extra information about the logged-in principal.
  • User Provisioning APIs: Support for groups, hierarchical roles and a user management API, which all combine to reduce development time and significantly improve system administration.
  • Enterprise-wide single sign on using CAS 3: Spring Security integrates with JA-SIG's open source Central Authentication Service (CAS)
kuni katsuya

Appendix C. Spring Security Dependencies - 0 views

static.springsource.org/...appendix-dependencies.html

java security SpringSecurity dependencies

shared by kuni katsuya on 09 Aug 12 - No Cached
  • Spring Security Dependencies
  • This appendix provides a reference of the modules in Spring Security and the additional dependencies that they require in order to function in a running application
  • C.1 spring-security-coreThe core module must be included in any project using Spring Security.
  • ...8 more annotations...
  • DependencyVersionDescriptionaopalliance1.0Required for method security implementation.
  • spring-aop Method security is based on Spring AOP
  • spring-beans Required for Spring configuration
  • spring-expression Required for expression-based method security (optional)
  • spring-jdbc Required if using a database to store user data (optional).
  • spring-tx Required if using a database to store user data (optional).
  • C.6 spring-security-aclThe ACL module.
  • spring-jdbc Required if you are using the default JDBC-based AclService (optional if you implement your own).spring-tx Required if you are using the default JDBC-based AclService (optional if you implement your own).
kuni katsuya

ICW Developer Network - 0 views

idn.icw-global.com/...saf.html

security frameworks comparison Seam SAF SpringSecurity

shared by kuni katsuya on 08 Aug 12 - No Cached
  • ComparisonThis section provides a brief comparison of SAFs functionality with that of the Acegi Security Framework [11] and JBoss Seam Security [12]
  • Acegi’s Policy Decision functionality is not based on Java security standards but on a proprietary solution
  • ACL defines per domain object who has access permissions
  • ...5 more annotations...
  • Both Acegi as well as SAF use AspectJ and Spring AOP for Policy Enforcement
  • JBoss Seam follows a different process when implementing Policy Decision functionality and sets access rules with the help of JBoss Rules [13] the JBoss rules engine
  • access decision to the domain objects in an application can be based on any number of complex rules
  • @Restrict annotations
  • 07.2007
kuni katsuya

HTTP Authentication and Security with Apache Shiro | Xebia Blog - 0 views

blog.xebia.com/...apache-shiro

apache shiro security SpringSecurity

shared by kuni katsuya on 15 Aug 12 - No Cached
  • Spring Security
  • However, it is tied to the Spring technology and the size of the library — more than 10 JAR of dependencies
  • kuni katsuya on 15 Aug 12
     
    "its "
1 - 8 of 8
Showing 20 items per page