Spring security articles

Custom filter in Spring Security

Until now we've working with filters belonging to Spring Security project. However we can also add our own custom filters which must only follow some basic rules.

Continue Reading β†’

Effects of bad filter order in Spring Security

Spring Security is based on filter chain. Every filter can be invoked for appropriate request and executed to provide supplementary layer of protection. But one important thing must be respected - filters order.

Continue Reading β†’

Spring Security configuration

Through our last articles we could discover that Spring Security can be configured in two ways: the first one using standard Spring beans mechanism. The second one is specific for Spring Security because it uses its own XML schema definition (XSD). In this article we'll focus on the second method.

Continue Reading β†’

Handling of expired sessions in Spring Security

Session consistency is important part which is not overlooked by Spring Security. Thanks to special filter, SessionManagementFilter, the project allows to control better sessions.

Continue Reading β†’

CSRF protection in Spring Security

Spring Security project provides solutions for a lot of web dangers. One of them is CSRF.

Continue Reading β†’

Remember me in Spring Security

The article about basic security filter in Spring Security introduces us to particularity of handle remember-me authentication. This time, we'll focus on this aspect more in details.

Continue Reading β†’

Security filter chain in Spring Security

The first article from this category covers the subject of Spring Security ACL features. But we can still use Spring Security without the roles management. And to do it correctly, we should be familiar with a concept calling security chain.

Continue Reading β†’

Introduction to Spring Security

Using Spring Security is like the blessing. Everything is coded and you only need to implement it correctly. But always is good to know what we are implementing. This is the main purpose of this article, to understand how one of particular Spring Security modes, ACL, works.

Continue Reading β†’