Posts

Showing posts from April, 2011

Spring Security 3.1: Enhanced security namespace configuration

Security namespace configuration in Spring Security 3.1 improved. The change that made my life easier is the possibility of using multiple <http> to configure security in web application. Each <http> can now configure separate filter chain for different request pattern. This is very useful when you have a web application that consist of standard web application and the API and you want API to be accessible only with basic authentication. To achieve that in Spring Security 3.1 you need to define security configuration as following: <?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:sec="http://www.springframework.org/schema/security" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/s