Bidvertiser

Friday, December 20, 2013

Spring MVC 3 + Spring Security + Hibernate 4 tutorial

This tutorial helps you to create a spring mvc application integrated with hibernate 4 and Spring security. Before continuing read through my previous article on Spring MVC 3 - Hello world example

The tutorial uses MySQL as database and source code enhanced from the previous Hello world example.

Changes to your pom
Add/modify the following to the properties section of your pom.xml. The spring version is increased to 3.2.3 to support transactions.
Add the following to the dependencies section

Now we are set to use hibernate and spring security in your application.

Create file application-security.xml inside your webapp >> WEB-INF >> spring folder and paste this content.
Replace the following to your servlet-context.xml. The changes include adding necessary namespaces and made beans as default namespace for convenience.
Create a new file controllers.xml Now all the configurations are done.  Create your controllers and views, I have not explained the views, web.xml for simplicity. The complete sample can be found here in github
Create User.java with the following content, make sure your test database has an user table with fields that matches the properties in the below
Create UserController.java with the following content
Create UserDAO.java with the following content
Download the complete code in github

3 comments:

  1. Hi, I followed this tutorial and tried with this example, But after running eclipse i'm unable to get any output. Showing requested resource not found, I tried to resolve almost all possibilities but could not able to solve. May i know what is the mistake Thanks Chetan

    ReplyDelete
    Replies
    1. Hi Chetan,
      404 could happen for various reasons, it is hard to figure out what you missed without looking into your code. I would suggest you to get my code from https://github.com/ananthchelladurai/spring-mvc-security-hibernate and compare it with your source to see what you have missed. Hope it helps you to nail down what you have missed.
      -- AC

      Delete
  2. Can you give solution for me
    I dont need authentication, I need only authorization.
    example
    ------------
    I have 3 types of roles
    user
    admin
    super admin

    I used to store role in session object

    If user request for ..../admin/details , user should not able to see view
    if admin request for .../user/details , admin should not able to see view

    how to solve it..TIA

    ReplyDelete