Java Reference
In-Depth Information
</bean>
<bean name ="authenticationEntryPoint" class="org.springframework.
å
security.ui.webapp.AuthenticationProcessingFilterEntryPoint">
<property name="loginFormUrl" value="/login.do"/>
<property name="forceHttps" value="false"/>
</bean>
<bean name="accessDeniedHandler" class="org.springframework
å
.security.ui.AccessDeniedHandlerImpl">
<property name="errorPage" value="/denied.do"/>
</bean>
</beans>
The task of this filter is simple. In the case of an authentication exception, ETF uses
the
authenticationEntryPoint
property to redirect the user to the login page. If there is an
authorization failure, the user is redirected to the access-denied page.
Filter Security Interceptor (FSI)
This is another pivotal filter in Spring Security along with the authentication processing
filter. The primary responsibility of the FSI is to assist in authorization. If an unauthenti-
cated user tries to access a secured resource, FSI should prevent the user and force him
to either an access-denied page or a login page. Even an authenticated user may have
access to only a subset of the resources. The FSI ensures that a valid user accesses only
the resources available to his role. It also allows users to access certain pages anony-
mously. The sign-on page, for example, should be available to all the users. The FSI is
configured in the Spring application context, as in Listing 6-15.
Listing 6-15.
applicationContext-security.xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN"
<beans>
<!—Other beans -->
<bean id="filterInvocationInterceptor"
class="org.springframework.
å
security.intercept.web.FilterSecurityInterceptor">
<property name="authenticationManager" ref="authenticationManager"/>
<property name="accessDecisionManager" name="accessDecisionManager" />
