
mardi 15 avril 2014

Spring security authentication

In this tutorial we'll learn how to secure a web application using Spring Security, with users stored in a database.

P.S. In this example we use a MySQL database and deploy to a Tomcat 7 web container.

1. Database Script
Script to create the user table in the database.
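-- Account table read by the two jdbc-user-service queries (lookup by `login`).
-- NOTE(review): `password` holds the value that is compared at login. The
-- sample row below stores it in clear text, which is acceptable only for a
-- local demo; a real deployment should store a salted, slow hash (e.g. bcrypt)
-- and configure a matching password encoder on the authentication provider.
CREATE TABLE `user`
  (
     `userid`   BIGINT(20) UNSIGNED NOT NULL auto_increment,
     `login`    VARCHAR(50) NOT NULL,
     -- Wide enough to hold a password hash later (a bcrypt hash is 60 characters).
     `password` VARCHAR(100) NOT NULL,
     `role`     VARCHAR(50) NOT NULL,
     `enabled`  TINYINT(1) NOT NULL,
     PRIMARY KEY (`userid`),
     -- The login is the only lookup key used for authentication, so it must
     -- identify exactly one row.
     UNIQUE KEY `uk_user_login` (`login`)
  ) engine=innodb auto_increment=17 DEFAULT charset=utf8;

-- Demo account only (password equals the login); remove or change it before
-- the database is shared or exposed.
INSERT INTO `user`(`userid`, `login`, `password`, `role`, `enabled`)
VALUES      (1, 'raouf', 'raouf', 'user', 1);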


2. Project structure












3. Datasource configuration : 
application-context.xml
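<?xml version="1.0" encoding="UTF-8"?>
<!-- Declares the pooled JDBC DataSource bean ("dataSource") that spring-security.xml
     references to look up users in the MySQL "tutorial" schema. -->
<beans xmlns="http://www.springframework.org/schema/beans"
   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
   xsi:schemaLocation="http://www.springframework.org/schema/beans
   http://www.springframework.org/schema/beans/spring-beans-3.0.xsd">
   <!-- destroy-method="close" lets the container shut the c3p0 pool down, so its
        connections and helper threads are released when the webapp is undeployed. -->
   <bean id="dataSource" class="com.mchange.v2.c3p0.ComboPooledDataSource" destroy-method="close">
      <!-- com.mysql.jdbc.Driver is the Connector/J driver class; org.gjt.mm.mysql.Driver
           is only a legacy alias kept for backward compatibility. -->
      <property name="driverClass" value="com.mysql.jdbc.Driver" />
      <property name="jdbcUrl" value="jdbc:mysql://localhost/tutorial" />
      <!-- NOTE(review): the application connects as the MySQL root account with a
           trivial password stored in the deployed file. Keep this for a local demo
           only. For anything else, use a dedicated account limited to the rights the
           application needs (here, SELECT on the `user` table) and supply the
           credentials from outside the WAR, for example through a properties file
           read by a property placeholder or a container-managed JNDI DataSource. -->
      <property name="user" value="root" />
      <property name="password" value="root" />
   </bean>
</beans>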
4. Security configuration : 
We'll secure our web application so that only logged-in users can access its resources.
spring-security.xml
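<?xml version="1.0" encoding="UTF-8"?>
<!-- Spring Security configuration: form login, URL access rules, logout, and a
     JDBC-backed user store that reads the `user` table through the "dataSource" bean. -->
<beans:beans xmlns="http://www.springframework.org/schema/security"
   xmlns:beans="http://www.springframework.org/schema/beans"
   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
   xmlns:sec="http://www.springframework.org/schema/security"
   xsi:schemaLocation="http://www.springframework.org/schema/beans
   http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
   http://www.springframework.org/schema/security
   http://www.springframework.org/schema/security/spring-security.xsd">
   <sec:http auto-config="true" use-expressions="true">
      <!-- Rules are evaluated in order and the first match wins, so the login page
           must be declared before the catch-all rule. -->
      <sec:intercept-url pattern="/login.html" access="permitAll" />
      <!-- "/**" covers every path at any depth. The Ant pattern "/*" matches a single
           path segment only, which would leave nested URLs such as /admin/page.html
           without any access rule. -->
      <sec:intercept-url pattern="/**" access="hasRole('user')"/>
      <sec:session-management invalid-session-url="/login.html" />
      <sec:form-login login-page="/login.html"/>
      <!-- NOTE(review): the welcome page triggers logout with a plain GET link, so any
           third-party page can log the user out. If the Spring Security version in use
           offers CSRF protection, consider enabling it and logging out with a POST;
           the static login form would then have to carry the token as well. -->
      <sec:logout
         invalidate-session="true"
         delete-cookies="JSESSIONID,SPRING_SECURITY_REMEMBER_ME_COOKIE"
         logout-success-url="/login.html"/>
   </sec:http>
   <authentication-manager>
      <authentication-provider>
         <!-- NOTE(review): no password-encoder is declared here, so the submitted
              password is compared with the stored column value as-is, i.e. the table
              must contain clear-text passwords. For real use, declare a password
              encoder (bcrypt or similar) and store only the resulting hashes. -->
         <!-- Both queries bind the user name through the "?" placeholder; keep it that
              way and never concatenate the login into the SQL text. -->
         <jdbc-user-service data-source-ref="dataSource"
            users-by-username-query="
            select `login` as username, `password`, `enabled` 
            from `user` where login=?" 
            authorities-by-username-query="
            select `login` as username, `role` as authority from `user` where login =?" 
            />
      </authentication-provider>
   </authentication-manager>
</beans:beans>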
5. Web Config :
Here is the code of the web config file:
web.xml




6. Login page :
Here is the code of the login page:
login.html
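<!DOCTYPE html>
<html>
   <head>
      <meta charset="ISO-8859-1">
      <title>Login page</title>
   </head>
   <body>
      <h1>Authentication</h1>
      <br />
      <!-- The action and the field names (j_spring_security_check, j_username,
           j_password) are the Spring Security 3.x form-login defaults; the security
           configuration on this page does not override them, so they must stay as is.
           NOTE(review): this form posts the password to the server. Nothing on this
           page configures HTTPS, so make sure the application is served over TLS
           outside a local demo. -->
      <form name="login-form" action="j_spring_security_check" method="post">
         <!-- Labels tell the user which field is which; the original inputs had none. -->
         <label for="j_username">Login</label>
         <input id="j_username" name="j_username" type="text" autocomplete="username" />
         <label for="j_password">Password</label>
         <input id="j_password" name="j_password" type="password" autocomplete="current-password" />
         <input type="submit" name="submit" value="Connection" />
      </form>
   </body>
</html>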
7. Welcome page :
Here is the code of the welcome page, with the logout link:
index.html
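<!DOCTYPE html>
<html>
   <head>
      <!-- Same charset declaration as login.html, so both pages render consistently. -->
      <meta charset="ISO-8859-1">
      <title>Welcome</title>
   </head>
   <body>
      <h1>Welcome</h1>
      <!-- j_spring_security_logout is the logout URL handled by the sec:logout element
           of the security configuration.
           NOTE(review): logging out through a GET link means any other site can end
           the session by embedding this URL; prefer a POST form protected by a CSRF
           token where the framework version supports it. -->
      <a href="j_spring_security_logout">Logout</a>
   </body>
</html>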