Spring Security in Motion — Part 1

Introduction

In today’s interconnected world, developing secure apps has become a primordial concern for programmers and organisations. Unsafe coding practices result in costly vulnerabilities in application software that can lead to drastic damages.

This article cover how to integrate spring security in your application from initialisation to custom configurations.

source: https://www.dineshonjava.com/spring-security-xml-namespace-configuration-example/

1. Servlet Filter

Servlet is a Java program running on a Web server or an application server that process and respond to client requests. Servlet container holds servlet objects.

A Servlet filter is an object that is invoked at the pre-processing and/or post-processing of an incoming request. It is mainly used to perform filtering tasks such as encoding, encryption, decryption, compression ect.

Usually we define multiple filters, and to facilitate the delegation, a filter chain comes on the top and would be responsible to forward responses to next filters.

ApplicationFilterChain is the implementation of FilterChain used to manage the execution of a set of filters for a particular request. When filters has all been performed, next call to doFilter() will delegate to the servlet’s service() method in order to dispatch to appropriate handler.