- Web Development Using Spring and AngularJS Tutorials – very long and helpful!
- Spring, Hibernate, Spring Security
- grunt (watch), ng-boilerplate, ui-router(state changes), ngroute, ng-resource, build
- getting the master example/tutorial to work – maven project!
- dependencies
- <dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>3.2.5.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>3.2.5.RELEASE</version>
</dependency>
<dependency>
<groupId>org.aspectj</groupId>
<artifactId>aspectjweaver</artifactId>
<version>1.7.4</version>
</dependency> -
- <dependency>
- add component scan to business-config.xml – tutorial.core.security
- create tutorial.core.security.SecurityWebAppInitializer class
- create tutorial.core.security.SecurityConfig class
- @Configuration, @EnableWebSecurity
- configAuthBuilder() – where the authentication happens!
- create tutorial.core.security.AuthFailure class to return response.setStatus(HttpServletResponse.SC_UNAUTHORIZED)
- create tutorial.core.security.AuthSucess to return response.setStatus(HttpServletResponse.SC_OK)
- add AuthFailure and AuthSuccess to SecurityConfig (@Autowired)
- add configure() method to SecurityConfig – configuation
- add AuthFailure and AuthSuccess
- JSESSIONID will be added to client – expires after 30min
- tutorial.core.security.EntryPointUnauthorizedHandler class
- add commence method
- add EntryPointUnauthorizedHandler to SecurityConfig
- add AccountUserDetails and UserDetailServiceImpl classes and add to configAuthBuilder() method in SecurityConfig
- modify sessionService, LoginCtrl in account.js
- use SecurityContextHolder (AccountController class) to get current user details for further processing
- throw Forbidden exception
- whitelist access –
- security:protect-pointcut in mvc-dispacher-servlet.xml
- @PreAuthorize(“permitAll”)
- dependencies
Advertisements
