Pacific Northwest Software Symposium
September 23 - 25, 2011 - Seattle, WA
View the event details here ».
In this session, I'll show you how to secure your Spring application with Spring Security 3.0. You'll see hot to declare both request-oriented and method-oriented security constraints. And you'll see how SpEL can make simple work of expressing complex security rules.
Although we may invite guests into our homes and give someone a ride in our car, we locks and alarms on our homes and our cars to keep uninvited and malicious visitors out. Similarly, we allow people to use the applications that we develop, but we probably want to control the access that they have.
Security is an important aspect of any application. And while we could program security rules into the web controllers and methods in our application, we'd find ourselves cluttering our business logic with repetitive security code. Security is a cross-cutting concern--begging to be handled with aspect-oriented techniques.
Spring Security is an authentication and access-control framework based on Spring that provides security aspects. With Spring Security, you can declare who is allowed to access your application and what they're allowed to see, keeping your application logic focused and uncluttered with security details.
About Craig Walls
Craig Walls is a senior engineer with SpringSource as the Spring Social project lead and is the author of Spring in Action and XDoclet in Action (both published by Manning) and Modular Java (published by Pragmatic Bookshelf). He's a zealous promoter of the Spring Framework, speaking frequently at local user groups and conferences and writing about Spring and OSGi on his blog. When he's not slinging code, Craig spends as much time as he can with his wife, two daughters, 2 birds and 3 dogs.More About Craig »