Chapter 7. Securing and personalizing your application


This chapter covers

  • Authentication
  • Authorization
  • Personalization

In the past couple of chapters you’ve experienced some of the great integration features that BlazeDS gives us. Now you’re going to take integration one step further as you strengthen your application and add security features.

You’ll leverage the existing security infrastructure provided by AppFuse rather than spend precious time on the particulars of setting up a Lightweight Directory Access Protocol (LDAP) server, authenticating against Active Directory, and creating Access Control Lists (ACLs). There are plenty of resources on the web that cover these advanced topics, which are beyond the scope of our goals for this chapter. The material covered in this chapter should be sufficient for about 90% of the applications that you’ll encounter.

You’ll take an iterative approach to adding security to the sample application, starting by adding simple login and logout functionality so that the application authenticates using the same mechanism that AppFuse uses internally. You’ll build upon that by adding security constraints to the services and restricting destructive method calls to users belonging to specific roles. You’ll also learn about an often-overlooked aspect of security: personalization. Before getting started, let’s cover the basic concepts of the Spring Security framework.

7.1. Authentication

7.2. Authorization

7.3. Personalization

7.4. Summary