Review
In the previous section, we have created the configuration files and discussed them accordingly. In this section, we will focus on the view layer, in particular the HTML files.Table of Contents
Part 1: Introduction and Functional SpecsPart 2: Java classes
Part 3: XML configuration
Part 4: HTML Files
Part 5: Running the Application
HTML Files
After the configuration files, we'll now move to the HTML files. Actually, we'll be editing JSP files instead.Login Page
- Use POST not GET!
- Use j_spring_security_check for the action value. You may have to modify the action value depending on your URL mapping structure, i.e. it could be ../j_spring_security_check or ../../j_spring_security_check in certain cases.
- Use j_username for the username input
- Use j_password for the password input
Here's our complete login.jsp source:
Menu Page
The menu page needs extra configuration because we're required to display all links to admin users but regular users can only see non-admin pages. Particularly, the "Admin" link must be secured.If you examine carefully the spring-security.xml configuration file, we've already marked the /admin url to be accessible to admins only. But why do we need to secure it again in the menu page? That's because the declaration in spring-security.xml only secures the URL but it doesn't hide the HTML link. To hide and secure the link, we must manually declare it.
User's view
Admin's view
To hide a section of HTML (i.e. a link), follow these steps:
- Add the following line in the top section of your JSP page (Make sure to edit the role accordingly):
- Add the following lines to whatever HTML section you need to secure:
Here's our complete menu.jsp source:
Next
In the next section, we will build and run the application using Maven, and show how to import the project in Eclipse. Click here to proceed.|
Share the joy:
|
Subscribe by reader
Subscribe by email
Share
/* Excuse me for my english */
ReplyDeleteFirst, I thank Mr. Krams for this very interesting tutorial. and i wonder if
someone can help me by posting an updated pom.xml for this project, in fact there is some problems in the "goldin" dependency.
thank you
I know this is a very, very late reply. I have updated the project so that it uses maven-resources-plugin. See http://krams915.blogspot.com/2012/08/copy-maven-plugin-updates.html
DeleteHi Krams I didn't get j_spring_security_check. Does it point to some webpage or some controller is invoked.???
ReplyDeletefarooq, I suggest you enable DEBUG-level logging so you can verify what's happening behind the scenes. Did you change anything in the sample code?
DeleteHello Krams,
ReplyDeleteIs possible to get the user id at the JSP pages? Because I want to retrieve a few more informations about the user and it will be necessary to get the current user id. Thanks and best regard´s, I´m one of your online students...
Hi krams
ReplyDeletespring-data.xml no persistence unit with name HibernatePersistenceUnit found. Could anybody help?
I have Intelij Idea and Jboss
ReplyDeleteI have read your blog its very attractive and impressive. I like it your blog.
ReplyDeleteSpring online training Spring online training Spring Hibernate online training Spring Hibernate online training Java online training
spring training in chennai spring hibernate training in chennai
Thanks for sharing this wonderful information. I hope you will share more helpful information regarding the content.
ReplyDeleteweb portal development company in chennai
sem services in chennai
professional web design company in chennai