Home/ Questions/Q 6757163
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-26T13:36:48+00:00

I want to provide security one way or another for Sending and Getting JSON

  • 0

I want to provide security one way or another for Sending and Getting JSON Data,but I don’t know how to do this.

Our System has roles of users (System admin, General Members, etc.)

We decided send data as JSON using the Spring MVC URL pattern. I don’t want everybody that outside from system to use this URL, only users can use the URL.

Example

www.example.com/services/"hereUserPass"/"hereUserName"/category/3

Each request time for different URLs, Should I control the username and password whether registered before? or What should I do for Security?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You want to implement security into your Spring Web application. You can do this at two ways:

    • Url Based Security
    • Method Based Security

    Try to make another xml file as like applicationContext-security.xml Here is an example:

    <http use-expressions="true">
    <intercept-url pattern="/" access="permitAll"/>
    <intercept-url pattern="/static/**" filters="none" />
    <intercept-url pattern="/**" access="isAuthenticated()" />
    <form-login />
    <logout />
</http>

    Here we see that permitAll means permit everybody who wants to reach that URL. filters = none has the same effect but it means that user will not go over Spring Security(Previous one goes over Spring Security but has access, filtering doesn’t applied). isAuthenticated means that user can reach there if authenticated. You can also apply role based acces to urls.

    Other security implementation base on middle tier security. You should add this line at your application context security file:

    <global-method-security pre-post-annotations="enabled" />

    so you can use method based security as like:

    @PreAuthorize("hasRole('ROLE_SUPERVISOR')")
void storeVisit(Visit visit) throws DataAccessException;

    You can start to reading with Spring Security implementation of Spring’s Pet Clinic example: http://static.springsource.org/spring-security/site/petclinic-tutorial.html

    Also I recommend you read here: http://www.mularien.com/blog/2008/07/07/5-minute-guide-to-spring-security/

    • 0