Http Basic Security Using Spring Framework

Http Basic Security Using Spring Framework :

In web.xml File

<listener>

<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>

</listener>

<context-param>

<param-name>contextConfigLocation</param-name>

<param-value>/WEB-INF/spring/dyn-security.xml</param-value>

</context-param>

<filter>

<filter-name>springSecurityFilterChain</filter-name>

<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>

</filter>

<filter-mapping>

<filter-name>springSecurityFilterChain</filter-name>

<url-pattern>/*</url-pattern>

</filter-mapping>

dyn-security.xml

<?xml version="1.0" encoding="UTF-8"?>

<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

xmlns:security="http://www.springframework.org/schema/security" xsi:schemaLocation="http://www.springframework.org/schema/beans

http://www.springframework.org/schema/beans/spring-beans-3.1.xsd http://www.springframework.org/schema/security

http://www.springframework.org/schema/security/spring-security-3.1.xsd">

<security:http >

<security:intercept-url pattern="/admin*" access="ROLE_ADMIN" />

<security:http-basic/> <!-- default http client security provider -->

<security:logout logout-success-url="/logout" invalidate-session="true" delete-cookies="JSESSIONID" />

</security:http>

<security:authentication-manager alias="authenticationManager">

<security:authentication-provider>

<security:user-service>

<security:user name="techa2z" password="techa2z" authorities="ROLE_ADMIN"/>

</security:user-service>

</security:authentication-provider>

</security:authentication-manager>

</beans>