Spring Security publishes various authentication and authorization events during its security checks. Spring managed beans which implement ApplicationListener interface or beans with methods annotated with @EventListener can consume those events within the application. One of those security related events is AuthorizedEvent which indicates that user request is allowed to access secure web resource. It is, […]
Tag: security
Enabling Acegi (1)
We have decided to use Acegi Security Framework in order to implement security requirements in our web based project, but might possibly have diverse security requirements, in addition to form based authentication and role based authorization, such as remoting support, domain object security, run-as capability, SSO, after invocation security, certificate based authentication which is integrated […]
Why to use absolute paths to reference resources in login and error web pages
I think, it is a well known practice to use absolute names to access resources in login and global error pages, but the reason behind it might not be so clear for some of us. Servlet specification states that when a protected resource accessed, should the request directed first to login page unless user is […]