Latest Added Tutorials
In Spring 4, we can use following configuration to adjust concurrent session count:
To use concurrent session support, you’ll need to add the following to web.xml:
<listener>
<listener-class>
org.springframework.security.web.session.HttpSessionEventPublisher
</listener-class>
</listener>
In addition, you will need to add the ConcurrentSessionFilter to your FilterChainProxy. The ConcurrentSessionFilter requires two properties, sessionRegistry, which generally points to an instance of SessionRegistryImpl, and expiredUrl, wh...Continue Reading
21-02-2016
@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration(locations = {"classpath:/applicationContext.xml",
"classpath:/mvc-dispatcher-servlet.xml",
"classpath:/spring-security.xml"})
@WebAppConfiguration
public class UserControllerTest {
@Autowired
private UserService userService;
@Autowired
WebApplicationContext wac;
private MockMvc mockMvc;
@Before
public void setup() {
MockitoAnnotations.initMocks(this);
this.mockMvc = MockMvcBuilders.webAppContextSetup(wac).apply(springSecurity()).bui...Continue Reading
11-02-2016
Maven Dependencies
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.12</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-test</artifactId>
<version>4.1.4.RELEASE</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-test</artifactId>
<version>4.0.0.RELEASE</v...Continue Reading
Spring Configuration
<http auto-config="false" use-expressions="true"
entry-point-ref="loginUrlAuthenticationEntryPoint">
<intercept-url pattern="/index" access="permitAll"/>
<intercept-url pattern="/kayit" access="permitAll"/>
<intercept-url pattern="/sifre-hatirlatma" access="permitAll"/>
<intercept-url pattern="/checkUser" access="permitAll"/>
<intercept-url pattern="favicon.ico" access="permitAll"/>
<intercept-url pattern="/kullanici/**" access="hasAnyAuthority('ROLE_ADMIN','ROLE_OFFICER','ROLE_CLIE...Continue Reading
<intercept-url pattern="/admin/home/addUser" access="hasRole('ROLE_ADMIN')"/>
<intercept-url pattern="/admin/home/**" access="hasAnyAuthority('ROLE_ADMIN','ROLE_NORMAL')"/>
admin/home/addUser paths can only be accessed by ROLE_ADMIN and any other web pages located in /admin/ is accessed ROLE_ADMIN and ROLE_NORMAL. But notice that addUser page is also in /admin/ directory. By writing addUser url before more general path, /admin/home/**, we made a kind of filter....Continue Reading
20-02-2015
Custom Logout and Logout Success URL:
<logout logout-url="/logout"
logout-success-url="/problemSolution/index?logout"/>
Note: /logout url is used by Spring Security. This url doesn't refer to any .jsp pages, so you can set any value.
index.jsp page:
<c:url var="logoutUrl" value="/problemSolution/logout"/>
<form action="${logoutUrl}" id="logout" method="post">
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
</form>
<a href="#" onclick="document.getElementById('logout').submit();">L...Continue Reading