I have build the Spring MVC application and got it to an advanced level.
Now my task is to integrate Spring Security to it. And I am now following this tutorial for spring security. Now the problem is that in my MVC application there is already a applicationContext.xml which is the parent application context definition for the MVC application.
As mention in tutorial for security, should I have to add a new application context xml file for security? which contain the code:
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.4.xsd">
<global-method-security secured-annotations="disabled">
</global-method-security>
<http auto-config="true">
<intercept-url pattern="/**" access="ROLE_USER" />
</http>
<authentication-provider>
<user-service id="userDetailsService">
<user name="username" password="password" authorities="ROLE_USER, ROLE_ADMIN" />
<user name="test" password="test" authorities="ROLE_USER" />
</user-service>
</authentication-provider>
</beans:beans>
Thanks in advance.
P.S. / EDIT: Or should I just copy it to my original/existing applicationContext.xml file of my MVC application?
There is no problem or conflict with your other context.
You could write the security configuration into context/applicationContext-security.xml for example and then just load all your context files from the web.xml.