We are currently trying to integrate Spring Security into our application.
Our application used to store data in native XMLs. We are in the process of integrating with MySQL.
However, certain sites are still having lots of data in XML and we want to provide backward compatibility.
So does spring security provide authentication mechanism for XML based database just like it does for SQL and LDAP?
Is there a way around this problem?
Related
I'm trying to encrypt on the application side the principal_name column in the oauth2_authorization table, but I couldn't find a way to do it.
When using Spring Data and Converter, it is quite easy to do on an classical Spring application, but I'm quite lost with Spring Authorization Server. How can that be done ?
I'm trying to create cert based client authentication using spring 5, without spring boot. Is there a good tutorial on how to do it? (For example: how to specify a truststore, etc...).
I've ended up not using spring security, because I did not need many things it provides, and instead used a simple filter, that checks the data of the used certificate (I also configured the application server used, to allow that certificate).
I'm currently trying to make a Spring Boot app. I've managed to create successfully user authentication using LDAP and custom logic.
However, I'm trying to add another layer of security on top of that, something like "htaccess" to prevent unauthorized users from even seeing the web page (client requirement), as well as stop Google from indexing the page. This can be a single predefined user (doesn't need to be connected to ldap auth).
I've read about configuring the tomcat realm, tomcat-users etc. but since it's Spring Boot app with embedded tomcat, I can't find a place to successfully configure it.
Does anyone have any idea how to create such setup?
HI I am implementing oauth2 using spring security. This application will be deployed in a multi-node clustered environment. How spring will synchronize authorization code between multiple nodes? It can be achieved via jdbcAuthorizationCodeServices but I can't use relational DB. Requirement is to use NoSql DB. Is there a way to add custom plug-in custom authorization code generator which will be used by spring to create and consume auth code (Code example will be really helpful)?
Thanks
I am new to Spring Security and am mulling over the idea of using it or not in my application.
The requirement is as follows :
In my web application i store a session information inside the database,a key for this is stored in a cookie
2.Now whenever someone tries to access a url which is not according to the flow i want to deny access.
3.Can i use Spring Security for this.
I am using Spring MVC,Mongo DB and MySQL as the develeoment environment.
Regards,
Abhishek
If you're trying to simply control the flow of an application, I'd suggest using Spring Webflow. This allows you to define set flows in a multi-page application.
Spring Security can be used to control flows, but only for access control. It integrates well with Webflow (and with Spring MVC) to ensure you can secure some or all of your flows.