English | 简体中文 | 繁體中文 | Русский язык | Français | Español | Português | Deutsch | 日本語 | 한국어 | Italiano | بالعربية
Spring Security is a framework that provides various security features, such as: authentication, authorization for creating secure Java Enterprise Applications.
This is a subproject of the Spring framework, which was initiated by Ben Alex in2003year. Later, in2004year, it was released in the form of the Apache license as Spring Security 2.0.0 release.
It overcomes all the issues that arise when creating non-Spring Security applications and managing the new server environment for the application.
This framework focuses on two main areas of the application: authentication and authorization.
Authorizationis the process of allowing permissions to perform operations within the application.
We can apply authorization to authorize web requests, methods, and access to individual domains.
The Spring Security framework supports various authentication models. These models are either provided by third parties or by the framework itself. Spring Security supports integration with all of these technologies.
HTTP BASIC authentication headers HTTP Digest authentication headers HTTP X.509 client certificate exchange LDAP (Lightweight Directory Access Protocol) Form-based authentication OpenID authentication Automatic remember-me authentication Kerberos JOSSO (Java Open Source Single Sign-On) AppFuse AndroMDA Mule ESB DWR (Direct Web Request)
The advantage of this framework lies in its flexible authentication features, which can be integrated with any software solution. Sometimes, developers want to integrate it with legacy systems that do not follow any security standards, where Spring Security works well.
Spring Security has many advantages. Some of them are listed below.
Comprehensive Support for Authentication and Authorization. Protection for Common Tasks Servlet API Integration Integration with Spring MVC Portability CSRF Protection Java Configuration Support
2003At the end of the year, a project Acegi Spring Security SystemThe development of plans based on Spring began. Security system. Therefore, a simple security system was implemented, but it was not officially released. Developers used this code internally as a solution until2004year, there were20 developers are using this code.
Initially, the authentication module did not belong to this project. About a year later, the module was added, and the entire project was reconfigured to support more technologies.
After a while, the project became a subproject of the Spring framework and was released in2006year as1.0.0 release.
In2007In the year, the project was renamed to Spring Security and widely accepted. Currently, it has been recognized and supported by developers from the global open community.