loader image
Spring new

Introduction to Spring Security

imagge1 e1614021160736
Article by

Abhijeet Chopra

December 29 2020

Overview

Spring Security is a framework that when integrated with the spring framework gives the capability to the application of having a standard way of authentication and authorization (access control) mechanism.

It consists of many pre-built ways of authentication and authorization that are given by the spring security developer ranging from in-memory authentication to JDBC authentication and many more. It is easily configurable and extendable to meet the needs of a specific application.

It can be used for any type of application from desktop/standalone to web applications and using it we can setup application security in a few hours.

Spring Security works in a self-contained manner which means that every file that is needed by the spring security framework is present in your application when you configure spring security in your application and there is no need of any special configuration/policy file that needs to be added to the JVM or there is no need to add spring security to common classpath location.

In Technical terms, spring-security for web application is nothing but a chain of servlet filters that are stacked on one another in a specified order depending on the security needs of an application.

What is Authentication?

Many people still get confused when the word authentication comes into the picture so before diving, into detail of authentication in spring security that you can read in my up-coming article we would first get a clear understanding of what does authentication actually means.

So authentication in layman’s language is when a person tries to access some resources(data) that is restricted then he/she needs to get identified and verified so that the system can confirm whether the user is actually the right person to do so.

One of the most common examples of authenticating a person in an application is by using the username and password that a user decides on their own at the time of the creation of their account in an application.

So at the time when you log in to Facebook or Instagram by providing a username and password, you are getting authenticated by the application so that it can decide whether you are allowed to enter the application or not.

spring security

What is Authorization?

Once a person is authenticated by the application then the next step comes is an authorization.

So authorization is determining the extent of a user to access the restricted resources. The application ensures that the user is only allowed to access parts of the resource that he/she is allowed to.

Engineers at Web Application Development Services analyzes and integrates framework to make solutions authentic. 

This means that even if a user is authenticated and gets entry into the application he/she can only access a limited version of the resource depending on the level of clearance the user has for the application.

For example in a 10 story government building suppose a person with an identity card has access to the 1st to 8th floors then if he/she tries to access the 9th or 10th floor the security guard (system security portion/code) wouldn’t allow that person after seeing the identity card which tells that the user is not allowed on these floors. So even if the person has the right to enter the building that does not mean that he/she has access to all the floors of the building. Same way if a user is authenticated to enter a system that does mean he/she is allowed to access all the resources of the system.

The authorization mechanism is sometimes also called an access control mechanism.

spring security

To know more, contact us. Our specialist can reach you for further discussion.

Share This:

Share on facebook
Share on twitter
Share on linkedin
Share on pinterest
Share on reddit
Share on whatsapp
Share on telegram

Latest Posts

Cover Image 1@4x 1 1 scaled
Why choose Electrum IT Solutions for outsourcing?

Why Electrum IT Solutions is the outsourcing solution you’re looking for 1)...

Continue Reading
February 12, 2021

FlutterCover
What makes Flutter an Evolution in Hybrid Technology?

Flutter is an UI SDK (software development kit) developed and open-sourced by...

Continue Reading
January 5, 2021

Spring new
Introduction to Spring Security

Spring Security is a framework that when integrated with the spring framework...

Continue Reading
December 29, 2020

MicroCover@4x 1 e1613470573971
Overview of Microservices

Microservice can be defined as a small but independent functionality of an...

Continue Reading
December 29, 2020

wp4923992 react js wallpapers
How ReactJS, an open-source JavaScript library can build the best infrastructure for your brand?

Reactjs is a front-end JavaScript library which is used for building the UI for...

Continue Reading
December 29, 2020