Getting Started with Security Namespace Configuration
Create default login page, using spring without https.
Add web.xml
Configuration
<listener>
<description>Spring Listener</description>
<listener-class>
org.springframework.web.context.ContextLoaderListener
</listener-class>
</listener>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>
org.springframework.web.filter.DelegatingFilterProxy
</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
A Minimal <http>
Configuration in ***-***.xml
<?xml version="1.0"
encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.0.xsd">
<s:http auto-config="true">
<s:intercept-url pattern="/**"
access="ROLE_USER" />
</s:http>
<s:authentication-manager>
<s:authentication-provider>
<s:user-service>
<s:user name="abc"
password="abc"
authorities="ROLE_SUPERVISOR, ROLE_USER, ROLE_TELLER"
/>
<s:user name="def"
password="def" authorities="ROLE_USER,ROLE_TELLER"
/>
</s:user-service>
</s:authentication-provider>
</s:authentication-manager>
</beans>
Create default login
page, using spring with https.
1. Create jks file
2. Use connector in server.xml file in TOMCAT to access https
request.
3. Add requires-channel="https" in intercept-url in your
spring configuration file.
Creation of JKS file:
Tomcat currently operates only on JKS, PKCS11 or PKCS12 format
keystores. The JKS format is Java's standard "Java KeyStore" format, and
is the format created by the keytool command-line utility. This tool is included in the JDK. The PKCS12 format
is an internet standard, and can be manipulated via (among other things)
OpenSSL and Microsoft's Key-Manager.
Each entry in a keystore is identified by an alias string.
Default password: changeit
Abc.jks file, will be created in your C:\Documents and
Settings\USER\abc.jks
Create certificate file using the keytool export and the
certificate (*.crt) file, be placed default in the place of abc.jks file.
Since, this is self signed certificate, and if we need get
Certificate, which is typically purchased from a well-known Certificate
Authority (CA) such as VeriSign or Thawte
Import the certificate, which is signed from CA into your jks
file.
(Present used your own *.crt file, which is created from keytool
export).
Add
Connector in
the server.xml
file in TOMCAT
<Connector port="8443"
protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="${user.home}/abc.jks"
keystorePass="changeit" keystoreType="JKS"
truststoreFile="${user.home}/abc.jks" truststorePass="changeit"
truststoreType="JKS"/>
Add
requires-channel="https" to
your http command
<s:http auto-config="true">
<s:intercept-url pattern="/**"
access="ROLE_USER" requires-channel="https"/>
</s:http>
Start your
application then we can check with the https.
While
creation of jks file, we will get an option saying “What is your first and last
name?” Give there your PC Name or Localhost.
When we are
accessing the application, the URL will be displayed as, give name by we at
creation of JKS file.
For Eg:
https://localhost: 8443/PROJECT_NAME/faces/pages/DEFAULT_PAGE.jspx
No comments :
Post a Comment