Vaadin 7 + Spring Security (base authentication)

Vaadin 7 is easy to integrate with Spring Security. You should configure only 2 files. First - web.xml and second one spring-security.xml (user credentials and security settings). This is a small example on how to use base form for authentication.

web.xml Configuration

XML

  1. <?xml version="1.0" encoding="UTF-8"?>
  2. <web-app xmlns:xsi="[[http://www.w3.org/2001/XMLSchema-instance"xmlns="http://java.sun.com/xml/ns/javaee"xsi:schemaLocation="http://java.sun.com/xml/ns/javaeehttp://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"id="WebApp_ID|http://www.w3.org/2001/XMLSchema-instance"xmlns="http://java.sun.com/xml/ns/javaee"xsi:schemaLocation="http://java.sun.com/xml/ns/javaeehttp://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"id="WebApp_ID]]" version="3.0">
  3.   <display-name>Vaadin7SpringSecurity</display-name>
  4.   <context-param> <param-name>contextConfigLocation</param-name> <param-value> /WEB-INF/spring/spring-security.xml </param-value></context-param>
  5.   <listener> <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class></listener>
  6.   <!-- filter declaration for Spring Security -->
  7.   <filter>
  8.     <filter-name>springSecurityFilterChain</filter-name>
  9.     <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
  10.   </filter>
  11.   <filter-mapping>
  12.     <filter-name>springSecurityFilterChain</filter-name>
  13.     <url-pattern>/*</url-pattern>
  14.   </filter-mapping>
  15. </web-app>

spring-security.xml

XML

  1. <beans:beans xmlns="http://www.springframework.org/schema/security"
  2. xmlns:beans="http://www.springframework.org/schema/beans"
  3. xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  4. xsi:schemaLocation="http://www.springframework.org/schema/beans
  5.       http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
  6.       http://www.springframework.org/schema/security
  7.       http://www.springframework.org/schema/security/spring-security-3.1.xsd">
  9. <http auto-config='true'>
  10.   <intercept-url pattern="/*" access="ROLE_USER" />
  11. </http>
  13. <authentication-manager>
  14.   <authentication-provider>
  15.     <user-service>
  16.       <user name="user" password="password" authorities="ROLE_USER" />
  17.     </user-service>
  18.   </authentication-provider>
  19. </authentication-manager>
  21. </beans:beans>

For more details, how to extend spring-security.xml configuration you can use Spring resources.