mvc « Security « Spring Q&A





1. different DelegatingFilterProxy and FilterToBeanProxy    stackoverflow.com

can anyone clearly explain on the different on this two class defined in web.xml?

2. How to protect outside access?    stackoverflow.com

How protect resouces from outside access in the Web application using jsp - spring ? e.g. http://localhost:8080/appsname/images/ here showing list of files here i dont want to users to direct access ...

3. spring-security & spring-mvc configuration    stackoverflow.com

i have written a small webapp using spring-security and spring-mvc with an annotation based configuration (@Secured). in order to have that work i had to split up the spring-security configuration: app-context.xml (included ...

4. problems with enabling spring security in spring mvc    stackoverflow.com

I'm trying to enable Spring Security 2.5 in my spring app but am running into configuration problems. I've followed a few examples and have done what they are doing, but I ...

5. spring-security problem with loged user    stackoverflow.com

i've got problem with my app, as usual.. I use Spring MVC [version: 2.5] and Security[version: 2.0.4]. My problem looks like that:

First login into my app with UserA ...

6. How to access proprietary .js file in Spring MVC?    stackoverflow.com

I am newby in Spring, but have a task, and I am learning on the fly. I used Roo to generates for me part of the code, but now I have ...

7. Access to User ID in Spring    stackoverflow.com

Hi I'm doing some proof-of-concept work with Spring MVC and security. So far I've managed to write a simple web-app which has a secure webpage which requires a user to login and ...

8. Custom authentication in Spring    stackoverflow.com

I have a question. In Struts, I have an Action that deals with user authentication, i.e., I took the user's credentials and used a DAO to validate user credentials. I want ...

9. Custom "Next" Buttons for Spring MVC AbstractWizardFormController    stackoverflow.com

Currently, a spring application I am working on has several wizards that it is using with Spring's AbstractWizardFormController. During the early stages of development(pre-design phase), the type of "next" button did ...





10. User Granted Authorities are always : ROLE_ANONYMOUS?    stackoverflow.com

i am using the following method to make a programmatic login after registration

private void autoLogin(User user,
            HttpServletRequest request)
  ...

11. suggestion for ebook    stackoverflow.com

please suggest spring security 3 pdf at beginner level in java which is available for free download.

12. Spring MVC 3.0 Basic Authentication Implementation    stackoverflow.com

I'm currently transforming my Web Application tn Java with Spring MVC framework from ASP.NET (good way to learn it though -:) ) I need to implement authentication in my application: Please ...

13. Spring security custom fields    stackoverflow.com

1) How can i add a custom field in my login form and use that value to navigate to a different page after login. I need a custom authentication provider for ...

14. Is it possible to make custom implementation for RememberMeAuthenticationFilter?    stackoverflow.com

greetings all i am using spring security 3.0.2 and i want when a remembered user requests a page after his token is being authenticated (onAuthenticationSuccess) do some coding before landing him to his request i ...

15. Direct field access in Spring MVC 3    stackoverflow.com


I would like to use direct field access for "command objects" in Spring MVC 3.
Is there an equivalent of useDirectFieldAccess() method for annotated controllers?
I wasn't able to find anything ...

16. how to retrive pK using spring security    stackoverflow.com

i implement this method of the UserDetailService interface,

public UserDetails loadUserByUsername(final String username)
            throws UsernameNotFoundException, DataAccessException {
     ...





17. Where to store user uploads in spring mvc application?    stackoverflow.com

I am wondering where should i save files uploaded by user in my application. Right now i am saving them right into webapps/images/uploads(webapps folder is mapped as resource folder via mvc-resource) folder ...

18. How to manually set an authenticated user in Spring Security / SpringMVC    stackoverflow.com

After a new user submits a 'New account' form, I want to manually log that user in so they don't have to login on the subsequent page. The normal form login page ...

19. How to test your website against multiple users(extended)    stackoverflow.com

There is similar question on this topic I participated in it, but it doesn't really answer what I need at this moment. How to test a site rigorously? I noticed java.util.ConcurrentModificationException in ...

20. Spring MVC 3 access services from jar file    stackoverflow.com

I am wondering about a better design for the following application flow. i am going to use 'spring MVC 3', but i prefer not to take the annotation support facility and ...

21. Spring mvc: How can I set timezone per user?    stackoverflow.com

I have data in database stored in UTC. Every user has timezone in his setting. How can I handle timezone conversion during display and save?

22. RSS authentication with Spring Security    stackoverflow.com

My application is secured using Spring Security and authenticating to LDAP. The problem is that RSS feed must be secured too, allowing access only to registered users, but without redirecting to ...

23. How to access db2 sequence in Spring    stackoverflow.com

How to access db2 sequence in Spring? Need to access a sequence to generate an id and pass it to an insert statement using spring using jdbcTemplate.

24. Ways to access a MessageSource without using MessageSourceAware in the Spring MVC framework    stackoverflow.com

I have couple of servlets designed to hold its own message source, but there is a single static function which uses this message source as backup and in normal case uses ...

25. Question about customizing spring security 2.0.4    stackoverflow.com

Hi all I have the following requirement: The user will login to the system using olny his/her password and redirected to different pages depending his/her role (roles are DENTIST,DOCTOR,PHARMASIST).Are there any ...

26. Application Listener not receiving event notification    stackoverflow.com

I'm working on a spring MVC application using Spring Security for validation. I'd like to do some work upon login, and have seen the suggestion in multiple places (inlcuding

27. How to access Spring RequestContext from a Freemarker TemplateDirectiveModel    stackoverflow.com

I'm using Spring MVC with Freemarker as view technologie. I have a TemplateDirectiveModel object which needs to access Spring's RequestContext within the execute method. Currently I do it like this:

public class ...

28. Missing values of map(key, value) in Freemarker when access randomly?    stackoverflow.com

I'm having a strange problem with Freemarker map. My example is meant to display a list of cars with the associated owners' name: Car(id,name,ownerId) User(id,name) Notice that the ownerId is the only bridge I ...

30. How do you configure a MultipartResolver for a different maxUploadSize for a regular user vs. an admin?    stackoverflow.com

I can define a MultipartResolver like this with a maxUploadSize of 10K (10000 bytes):

<bean id="multipartResolver"
    class="org.springframework.web.multipart.commons.CommonsMultipartResolver">
    <property name="maxUploadSize" value="10000"/>
</bean
However, if the admin needs to upload ...

31. Access Spring MVC BindingResult from within a View    stackoverflow.com

I'm looking for a way to access a BindingResult from within the view (in my case a JSP page). I have the following controller method:

@RequestMapping(value="/register/accept.html",method=RequestMethod.POST)
public ModelAndView doRegisterAccept(
  @Valid @ModelAttribute("registrationData") RegistrationData registrationData,
 ...

32. What's the point of Spring MVC's DelegatingFilterProxy?    stackoverflow.com

I see this in my Spring MVC app's web.xml:

<filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
I'm trying to figure out why it's there and whether it's actually needed. I found

33. Spring Security basic configuration    stackoverflow.com

I would like to configure spring MVC application using Spring security the following way.

  1. Only one concurrent login allowed.
  2. When HTTP session expires the user will be redirected to /security/sessionTimeout.html
  3. when user logs ...

34. Security access audit    stackoverflow.com

I have the following spring security configuration:

 <security:http>
   ......
     <security:intercept-url pattern="/auth/**"  access="ROLE_ADMIN"/>
   ......... 
</security:http>
I would like to log every case when "ROLE_ADMIN" ...

35. Spring Security Revoke authority    stackoverflow.com

I have the following Spring security configuration:

<security:http>
     <security:intercept-url pattern="/**"  access="ROLE_USER"/>
     <security:intercept-url pattern="/auth/**"  access="ROLE_ADMIN"/>
....
</security:http> 
I would like to revoke "ROLE_ADMIN" authority from ...

36. Spring 3 Security: AccessDeniedHandler is not being invoked    stackoverflow.com

I have a spring 3 application with the configurations given below. When any user tries to access a page and he/she isn't logged in, I get an Access is Denied exception ...

37. choosing perfect view engine for spring mvc projects    stackoverflow.com

I was thinking to develop web project on spring mvc. But somehow I was stuck on developing view engine. I was little bit familiar with asp.net mvc. I know their view ...

38. Spring Security with OpenIDAuthenticationFilter problem    stackoverflow.com

I have some difficulties to make the OpenIDAuthenticationFilter working, I hope someone can help me. My spring-security.xml

<?xml version="1.0" encoding="UTF-8"?>

<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:aop="http://www.springframework.org/schema/aop"
    xmlns:tx="http://www.springframework.org/schema/tx" xmlns:context="http://www.springframework.org/schema/context" xmlns:security="http://www.springframework.org/schema/security"
    xsi:schemaLocation="http://www.springframework.org/schema/beans
 ...

39. How can I allow a user override with Spring Security?    stackoverflow.com

In my Spring MVC web application, there are certain areas accessible only to users with sufficient privileges. Rather than just have a "access denied" message, I need to be able to ...

40. An active access token must be used to query information about the current user - OAuthException Spring Social    stackoverflow.com

I'm getting

OAuth Exception
    {
       "error": {
          "message": "An active access token must ...

41. Multi-user blog/cms to run side-by-side with Spring MVC?    stackoverflow.com

We're building a site in which each user will be offered the option of having their simple own blog/home page. The site is built in Spring MVC 3 with a MySql backend. Does ...

42. java Global global variable and user global variable    stackoverflow.com

I'm using a spring mvc controller with annotation. The app is build in two part. The first one manages the users personal session and the other manages global data (shared between ...

43. how to control the user authentication using spring mvc    stackoverflow.com

I am using spring mvc3 to build a user-manager system. This system conain the following models:

Department
User
And the Departments have the hierarchic structure,for example:
Dep1
  SubDep1
  SubDep2
    Sub_sub_dep1
  ...

44. java mvc prevent access to views    stackoverflow.com

If I have several views in my project, how do I prevent someone from accessing a page using the jsp file, when the @RequestMapping should be used? Thanks

45. please help me in spring mvc security    stackoverflow.com

I have an application /HelloWorld we are using a login based on jspring security checking and a applicationcontex-security file where a set of roles where defined in database(logedin table). A set of ...

46. Spring security + LocaleResolver    stackoverflow.com

i need to change locale settings after successful Authentication. LocaleResolver:

    <bean id="localeChangeInterceptor"
    class="org.springframework.web.servlet.i18n.LocaleChangeInterceptor">
    <property name="paramName" value="lng" />
    </bean>

   ...

47. Restrict server usage for internal use    stackoverflow.com

I have a REST web service using spring MVC which is external-facing. I would like to restrict access to some REST calls for admin usage and for other servers on the same ...

48. Disabling edit functionality using Spring Security    stackoverflow.com

I have integrated Spring Security in my application and have defined access levels to pages in my spring-security.xml in the following format

<intercept-url pattern="/login" access="permitAll" />
<intercept-url pattern="/index" access="Admin" />
Now , the above ...

49. adding html file to mvc-showcase and can't access.    forum.springsource.org

I add a static "hello.html" web page file into Spring mvc-showcase project, into the webapp directory, package the project into WAR file, deploy it on tomcat, and found the /mvc-showcase/hello.html file ...

50. Spring mvc: How can I set timezone per user?    forum.springsource.org

I have data in database (Oracle, jpa, hibernate) stored in UTC. Every user has timezone in his setting. How can I handle timezone conversion during display and save?

51. Question on Spring Security & Spring MVC.    forum.springsource.org

Question on Spring Security & Spring MVC. Hi All, I am using Spring MVC and Spring Security to implement a small application. I am relatively new in using both the technologies. ...

52. new in spring mvc security    forum.springsource.org

new in spring mvc security hi, i'm new in spring mvc ,i want to know more about spring security that we we can setup in a mvc application, the steps we ...

53. Spring-test-mvc testing security    forum.springsource.org

Dec 7th, 2011, 06:47 AM #1 jmclaughlin View Profile View Forum Posts Private Message Visit Homepage Junior Member Join Date May 2010 Posts 7 Spring-test-mvc testing security Hi all, I've started ...

54. programatical security over MVC?    forum.springsource.org

I have a web Application (MVC) which is functional. Now I want to add an users/groups feature in order to have some rights on some users. I wanna do this by ...

55. Acegi + Spring MVC question    forum.springsource.org

Acegi + Spring MVC question Hi, I am trying to use Aegi with Spring MVC and I am facing two problems: When the user is not logged in Acegi is suppose ...

56. Regarding start up for Acegi security with Spring MVC    forum.springsource.org

Regarding start up for Acegi security with Spring MVC Hi, I am new to Spring MVC and acegi security.I am looking for a startup tutorial/example code explaining Spring MVC with acegi ...

57. MVC Problem (want to access an Image directly)    forum.springsource.org

Hi I'd like to access an image like which should call a controller which creates an image and returns it. But with the MVC-Concept, I have to return a ...

58. Can Spring Security be used with Spring MVC    forum.springsource.org

Hi all, I am a newbie to Spring Security... I am trying to implement a project where in i need to use Spring Security with Spring MVC. Is it possible to ...

59. Problem between Spring MVC 2.5 and Spring security 3.0    forum.springsource.org

Problem between Spring MVC 2.5 and Spring security 3.0 Hi! I implemented a web application using Spring MVC 2.5 . Now I want to add the security aspect to it, and ...

60. Problem between Spring MVC 2.5 and Spring security 3.0    forum.springsource.org

Hi! I implemented a web application using Spring MVC 2.5 . Now I want to add the security aspect to it, and I tried to do it using Spring security 3.0. ...

61. MVC and Security    forum.springsource.org

@Controller @Secured ({ "TAB_MAIN_MENU_ENGENERRING"}) public class EngineeringController extends APulseController { @RequestMapping(value = "/pulse/engineering.do", method = RequestMethod.GET) public final ModelAndView initLeftContainer() throws Exception { ....

62. New to Spring Security: Spring Security 3.0 & Spring MVC 2.5    forum.springsource.org

Nov 29th, 2009, 12:20 AM #1 vrmpx View Profile View Forum Posts Private Message Junior Member Join Date Nov 2009 Posts 2 New to Spring Security: Spring Security 3.0 & Spring ...

63. spring 3 @mvc and spring security 3    forum.springsource.org

Hello, I'm using the new simplified spring 3 mvc configuration like here http://blog.springsource.com/2009/12...in-spring-3-0/ (that means no ContextLoaderListener in web.xml) but when I'm adding the basic spring security 3.0 config I receive ...

64. Spring Security and MVC Problem    forum.springsource.org

Spring Security and MVC Problem Hello! Im new to Spring in general and I have a small problem. Ive create a project with Spring Security. It works fine, there's no problem. ...

65. MVC, Security, Ajax    forum.springsource.org

MVC, Security, Ajax Hello, Im really new to this and Ive got a question: I am doing a project with Spring MVC and Spring Security. This is working so far. Now ...

66. Spring MVC posting to j_security_check    forum.springsource.org

Spring MVC posting to j_security_check Hi, I have an application using Spring MVC 3.0.4.RELEASE where I have a login controller, which handles the login form validation (plain old JAAS, and not ...

67. Spring MVC and Spring Security    forum.springsource.org

Nov 23rd, 2010, 09:00 AM #1 gromitski View Profile View Forum Posts Private Message Junior Member Join Date Sep 2010 Posts 11 Spring MVC and Spring Security Hi, I'm developing an ...

68. spring mvc security    forum.springsource.org

Dec 2nd, 2010, 07:52 AM #1 naily View Profile View Forum Posts Private Message Junior Member Join Date Oct 2010 Posts 14 spring mvc security I am trying to add authentication ...