ReviewIn the previous section, we have created the configuration files and discussed them accordingly. In this section, we will focus on the view layer, in particular the HTML files.
Table of ContentsPart 1: Introduction and Functional Specs
Part 2: Java classes
Part 3: XML configuration
Part 4: HTML Files
Part 5: Running the Application
HTML FilesAfter the configuration files, we'll now move to the HTML files. Actually, we'll be editing JSP files instead.
- Use POST not GET!
- Use j_spring_security_check for the action value. You may have to modify the action value depending on your URL mapping structure, i.e. it could be ../j_spring_security_check or ../../j_spring_security_check in certain cases.
- Use j_username for the username input
- Use j_password for the password input
Here's our complete login.jsp source:
Menu PageThe menu page needs extra configuration because we're required to display all links to admin users but regular users can only see non-admin pages. Particularly, the "Admin" link must be secured.
If you examine carefully the spring-security.xml configuration file, we've already marked the /admin url to be accessible to admins only. But why do we need to secure it again in the menu page? That's because the declaration in spring-security.xml only secures the URL but it doesn't hide the HTML link. To hide and secure the link, we must manually declare it.
To hide a section of HTML (i.e. a link), follow these steps:
- Add the following line in the top section of your JSP page (Make sure to edit the role accordingly):
- Add the following lines to whatever HTML section you need to secure:
Here's our complete menu.jsp source:
NextIn the next section, we will build and run the application using Maven, and show how to import the project in Eclipse. Click here to proceed.
Share the joy:
Subscribe by reader Subscribe by email Share