Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

can I use Spring Social with Spring Security?

I want to integrate the Spring Social (to provide twitter, facebook, linkedLogin) with my application in which I have already used Spring Security to provide open ID authentication....

Spring Security's open ID support is working awesome and I have tried spring social too with a sample application... Now I want to integrate the Spring Social with the original product. I want to know will this work or not..? Is Spring Security fully compatible with spring social ?

If yes, than how I need to handle the login, logout while inside the spring social's zone. What precautions I should take..?

Any blog / tutorial / source code will be of great help....

Thanks in advance,

like image 268
Amit Avatar asked Oct 04 '11 06:10

Amit


People also ask

What is a Spring Social?

About the Spring SocialAn outdoor community event, sponsored by the Parents Association, that typically takes place in mid-April. Featuring music, games, a mini-camp fair, and treats for all ages.

Is Spring Social deprecated?

Today it is with an optimistic look to the future that I am announcing the end of life for Spring Social, a project that I have had the pleasure to work with over the past eight years.

How does Spring Security work?

Definition. Spring Security is a framework provided by Spring that helps to customize an access and authentication process. It plays a very crucial role in terms of securing the applications. Spring Security, mainly focuses on authentication and authorization to provide all benefits to java applications.


1 Answers

I used both of them in a project 2 months ago and they both work well together. Spring Social shouldn't give you any issue since you are requesting information to other websites (providers) without handling any authentication which is not yours.

The only tricky part is if you want to be an oAuth/oAuth2 service provider (so other websites can push/pull information from/to your website, you providing an API to a client website). Documentation is confusing, but it affects a separate namespace configured in spring security file, coexisting without overlapping with the rest of your application namespaces (multiple 'http' elements in your XML, some of them might be protected with OpenID - as Facebook would protect a status update submission form coming from another site: 'do you allow website example.com to post updates?'; others being public - as the login form used to protect the previous action).

like image 109
laffuste Avatar answered Sep 19 '22 15:09

laffuste