Integrating with Spring Security framework |
Web security includes authentication and authorization. In general, authentication requires user enter the username and password, then the system check the information. Authorization refers to the user's limitation. In general, users are divided into different roles, and each role has his own authorization.
Spring is based on Java development framework. Spring Security is based on Spring framework. It provides a complete set of web application security. For authentication, Spring Security offers HTTP basic authentication, HTTP form validation, HTTP digest authentication, OpenID and LDAP. For authorization, Spring Security offer ACL(Access Control List), in which objects can be controlled by fine-grained, and URL also can be controlled with fine-grained.
SuperMap iServer can be integrated with Spring Security to control the security of GIS services through Spring Security.Here is an example:
Description: based on basic users/roles and HTTP basic authentication, it realizes the basic user's authentication and authorization through DelegatingFilterProxy, and contorl the security of URL of iServer. Spring Security also supports HTTP digest authentication, OpenID and LDAP, and the user/role inforamtion also supports the popular database. See: