Spring MVC 3.0 Basic Authentication Implementation


If you are already using SpringMVC, why don't you also use SpringSecurity (manual)? It has all the components built in that you need to set up your form-based or basic authentication. And you can easily add new authentication methods in the future.

EDIT: see also this question for a possible solution, using Spring Security.
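
A minimal Spring Security 3.0 namespace configuration of the kind this answer points to, added here as an example (it is not code from the answer or the question). The `userDetailsService` bean and its class `com.example.AppUserDetailsService` are hypothetical placeholders, and the usual `springSecurityFilterChain` `DelegatingFilterProxy` entry in `web.xml` is assumed to be present.

```xml
<beans:beans xmlns="http://www.springframework.org/schema/security"
    xmlns:beans="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/beans
        http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
        http://www.springframework.org/schema/security
        http://www.springframework.org/schema/security/spring-security-3.0.xsd">

    <http>
        <!-- The login page itself must stay reachable without a session. -->
        <intercept-url pattern="/login*" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
        <!-- Everything else requires an authenticated user; this replaces
             the per-controller "currentUser == null" check. -->
        <intercept-url pattern="/**" access="ROLE_USER"/>

        <!-- Form-based login for browsers, HTTP Basic for other clients. -->
        <form-login login-page="/login"/>
        <http-basic/>

        <!-- Logout discards the whole HTTP session instead of nulling one field. -->
        <logout logout-url="/logout" invalidate-session="true"/>

        <!-- A new session id is issued at login. -->
        <session-management session-fixation-protection="migrateSession"/>
    </http>

    <authentication-manager>
        <!-- Hypothetical UserDetailsService that loads the application's
             user record by username. -->
        <authentication-provider user-service-ref="userDetailsService"/>
    </authentication-manager>

    <beans:bean id="userDetailsService" class="com.example.AppUserDetailsService"/>
</beans:beans>
```

With this in place the authenticated principal is available from `SecurityContextHolder`, so a separate session-scoped holder for the current user is not needed for the authentication check itself.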

Author: danny.lesnik

Java Expert at Tikal Knowledge. Interested in Spring/Hibernate/NoSQL/Spring MVC and other Java top edge technology.

Updated on June 04, 2022

Comments

  • danny.lesnik almost 2 years

    I'm currently transforming my Web Application to Java with the Spring MVC framework from ASP.NET (good way to learn it though -:) ). I need to implement authentication in my application. Please tell me if my approach is good and professional enough, and if not, what is the best practice to do that:

    First of all I'm writing a User class which holds all information about the current user: firstname/lastname/email/id/etc.

    import java.io.Serializable;

    // Holds the details of the currently logged-in user.
    class User implements Serializable {
        private String firstName;
        private String lastName;
        private Long id;
        private String email;

        // Setters and getters
    }
    

    I'm implementing a class named DlSession and implementing it on session level.

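    <!-- Session-scoped bean; the scoped proxy lets it be injected into singletons. -->
    <bean id="MySession" class="DlSession" scope="session">
        <aop:scoped-proxy/>
    </bean>

    import java.io.Serializable;

    // One instance per HTTP session; holds the logged-in user, or null.
    class DlSession implements Serializable {
        private User currentUser;

        public DlSession() {}

        // getters and setters:
    }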
    

    When the user submits his user/pass I'm verifying the credentials, and if the user exists, retrieving all the user data into an instance of the User class. Then I'm setting currentUser in the session to be the user I retrieved:

    mySession.setCurrentUser(user);
    

    In order to verify authentication I need to check:

    if (mySession.getCurrentUser() == null) {
        // return unauthenticated
    } else {
        // return authenticated
    }
    

    To log the user out of the system I'm just doing:

    mySession.setCurrentUser(null);
    

    Is this approach correct? Any suggestions are more than welcome. :)