Spring Security 3.1.pdf
Spring security 3.1 Copyright o 2012 Packt Publishi ing All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews rt has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, cither express or implied. Neither the author nor Pacl Publishing and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals However, Packt Publishing cannot guarantee the accuracy of this information First published: May 2010 Sccond published December 2012 Production reference: 1191212 Published by Packt Publishing Ltd Livery place 35 Livery street Birmingham b3 2PB, UK ISBN978-1-84951-826-0 www.packtpub.com CoverImagebyasherwishkerman(wishkermanghotmail.com Credits Authors Copy Editors Robert winch Brandt d'mello Peter mularien Insiya Morbiwala Alida paiva Reviewers ami subramanian Marten deinum Brian Relph Project Coordinator Bryan Kelly Michelle quadros Acquisition Editor Proofreader Usha lyer Mario cecere Lead Technical edito Indexers Susmita Panda Monica Ajmera Rekha nair Technical editors Lubna shaikh Graphics Worrell lewis Aditi Gaiiar Production coordinator Arvindkumar Gupta Cover work Arvindkumar Gupta About the author Robert winch is currently a Senior Software Engineer at VMware and is the project lead of the Spring Security framework. In the past, he has worked as a Software Architect at Cerner, the largest provider of electronic medical systems in the U.S. securing health care applications. Throughout his career, he has developed hands on experience integrating Spring Security with an array of security standards (that is, LDAP, SAML, CAS, OAuth, and so on). Before he was employed at Cerner, he worked as an independent web contractor in proteomics research at loyola University Chicago, and on the Globus Toolkit at Argonne National Laboratory Acknowledgement Before we get started I would like to extend my thanks to those who helped me make this book possible. First, I would like to thank Peter Mularien, for recommending me to packt Publishing to write the second edition of his book Security 3 packt Publish It was very useful to have such a sou foundation to start Spring Security 3.1 Writing a book is a very involved process and there were many that played a key part in the book's success. I would like to thank all the members of the team at Packt Publishing for making this possible. to usha lyer for guiding me through the process; to Theresa Chettiar, for ensuring that i stayed focused and on time; and to Susmita Panda, for her diligence in reviewing the book. Thank you to my technical reviewers Peter Mularien, Marten Deinum, Brian Relph, and bryan Kelly. Your feedback was critical in ensuring this books success This book, the Spring Security Framework, and the Spring Framework are all made possible by the large and active community. Thank you to all of those who contribute to the Spring Framework through patches, JIRA submissions, and answering other user's questions. Thanks to Ben alex for creating spring security I'd like to extend my special thanks to luke Taylor for his leadership of Spring Security. It was through mentoring that i have grown into a leader in the Spring Security community Thank you to my friends and family for your continued support. Last, but certainly not least, I would like to thank my wife, Amanda. Without your love, patience, and encouragement i would have never been able to finish this book. Thank you for taking such good care of me and reminding me to eat Peter Mularien is an experienced software architect and engineer, and the author of the book Spring Security 3, Packt Publishing. Peter currently works for a large financial services company and has over 1 2 years consulting and product experience in Java, Spring, Oracle, and many other enterprise technologies He is also the reviewer of this book About the reviewers Marten Deinum is a java/ software consultant working for Conspect. He has developed and architected software, primarily in Java, for small and large companies. He is an enthusiastic open source user and longtime fan user and advocate of the Spring Framework Ile has held a number of positions including Software Engineer, Development Lead, Coach, and also as a Java and Spring trainer When not working or answering questions on the Spring Framework forums, he can be found in the water training for the triathlon or under the water diving or guiding other people around Brian relph is currently a Software Engineer at Google, with a focus on web application development In the past, he has worked as a software architect at Cerner the largest provider of electronic medical systems in the U.S Throughout his career, he has developed hands on experience in integrating Spring and Spring Security with an array of Java standards(that is, LDAP, CAS, OAuth, and so on), and other open source frameworks(hibernate, Struts, and so on). He has also worked as an independent Web contractor. Bryan Kelly is currently a Software Architect at Cerner Corporation the largest provider of electronic medical systems in the U.s. At Cerner, his primary responsibility is designing and implementing solutions that use the Spring framework, Spring Security, and Hibernate for Web Applications and RESTful Web Services. Previously, he has worked as a Software Developer for CjK Software Consultants. Throughout his career, he has developed hands on experience in integrating Spring Security with an array of security standards (that is, LDAP, SAML vI and v2, CAS, OAuth, OpenID, and so on) I would like to personally thank rob winch for the opportunity to be a technical reviewer of this book. I would like to thank my wife Melinda Kelly for her unwavering support while i used my personal time to review this book. I would also like to thank John Krzysztow of C]K Software Consultants for giving a high schooler a chance at professional software development. Www.Packtpub.com Support files, eBooks, discount offers and more Youmightwanttovisitwww.PacktPubcomforsupportfilesanddownloadsrelated to your book Did you know that Packt offers e Book versions of every book published, with PDF andepuBfilesavailableyoUcanupgradetotheebookversionatwww.packtpub com and as a print book customer, you are entitled to a discount on the e book copy. Get in touch with us at serviceopacktpub com for more details Atwww.packtpub.comyoucanalsoreadacollectionoffreetechnicalarticlessign up for a range of free newsletters and receive exclusive discounts and offers on Packt books and ebooks PIPACKTLIB° http://packtlib.Packtpub.com Do you need instant solutions to your It questions? PacktLib is Packt's online digital book library. Here, you can access, read and search across Packt's entire library of books Why Subscribe? Fully searchable across every book published by Packt Copy and paste, print and bookmark content On demand and accessible via web browser Free Access for packt account holders IfyouhaveanaccountwithPacktatwww.Packtpub.comyoucanusethistoaccess Packtlib today and view nine entirely free books. Simply use your login credentials for immediate access