Vaadin-SpringSecurityViewProvider

Provides a custom ViewProvider which evaluates @ViewDescription's and instanciates Views accordingly if the current User, authenticated through Spring Security, has the necessary permissions to use them.

License

License

Categories

Categories

IDE Development Tools Vaadin User Interface Web Frameworks Security
GroupId

GroupId

de.enerko
ArtifactId

ArtifactId

vaadin-springsecurityviewprovider
Last Version

Last Version

0.2.1
Release Date

Release Date

Type

Type

jar
Description

Description

Vaadin-SpringSecurityViewProvider
Provides a custom ViewProvider which evaluates @ViewDescription's and instanciates Views accordingly if the current User, authenticated through Spring Security, has the necessary permissions to use them.
Project URL

Project URL

http://info.michael-simons.eu/2013/03/30/vaadin-spring-integrating-vaadin-with-spring-security/
Project Organization

Project Organization

ENERKO Informatik GmbH
Source Code Management

Source Code Management

https://github.com/michael-simons/vaadin-springsecurityviewprovider.git

Download vaadin-springsecurityviewprovider

How to add to project

<!-- https://jarcasting.com/artifacts/de.enerko/vaadin-springsecurityviewprovider/ -->
<dependency>
    <groupId>de.enerko</groupId>
    <artifactId>vaadin-springsecurityviewprovider</artifactId>
    <version>0.2.1</version>
</dependency>
// https://jarcasting.com/artifacts/de.enerko/vaadin-springsecurityviewprovider/
implementation 'de.enerko:vaadin-springsecurityviewprovider:0.2.1'
// https://jarcasting.com/artifacts/de.enerko/vaadin-springsecurityviewprovider/
implementation ("de.enerko:vaadin-springsecurityviewprovider:0.2.1")
'de.enerko:vaadin-springsecurityviewprovider:jar:0.2.1'
<dependency org="de.enerko" name="vaadin-springsecurityviewprovider" rev="0.2.1">
  <artifact name="vaadin-springsecurityviewprovider" type="jar" />
</dependency>
@Grapes(
@Grab(group='de.enerko', module='vaadin-springsecurityviewprovider', version='0.2.1')
)
libraryDependencies += "de.enerko" % "vaadin-springsecurityviewprovider" % "0.2.1"
[de.enerko/vaadin-springsecurityviewprovider "0.2.1"]

Dependencies

compile (10)

Group / Artifact Type Version
org.apache.commons : commons-lang3 jar 3.3.2
com.vaadin : vaadin-server jar 7.3.2
org.springframework : spring-core jar 3.2.18.RELEASE
org.springframework : spring-context jar 3.2.18.RELEASE
org.springframework.security : spring-security-config jar 3.2.10.RELEASE
org.springframework.security : spring-security-web jar 3.2.10.RELEASE
org.aspectj : aspectjrt jar 1.7.4
org.aspectj : aspectjweaver jar 1.7.4
org.springframework : spring-aspects jar 3.2.18.RELEASE
com.vaadin : vaadin-push jar 7.3.2

provided (1)

Group / Artifact Type Version
javax : javaee-web-api jar 6.0

test (3)

Group / Artifact Type Version
junit : junit jar 4.11
org.springframework : spring-test jar 3.2.18.RELEASE
org.springframework : spring-instrument jar 3.2.18.RELEASE

Project Modules

There are no modules declared in this project.

Vaadin-SpringSecurityViewProvider

Build Status Maven Central

This add-on has the following goals:

  • Integrate Spring Security into a Vaadin application
  • Make Vaadin Views Spring managed prototype beans available through / for a navigator
  • Simple description of views and no redundant @Component and @Scope on every view

Prerequisites

Protecting your appliction

I recommend using the following setup of the SpringSecurityFilterChain, a dispatcher servlet and the SpringVaadinServlet like this in web.xml

	<servlet>
	    <servlet-name>web</servlet-name>
	    <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
	    <load-on-startup>1</load-on-startup>
	</servlet>
	<servlet-mapping>
		<servlet-name>web</servlet-name>
		<url-pattern>/</url-pattern>
	</servlet-mapping>
    <servlet>
        <servlet-name>application</servlet-name>
        <servlet-class>ru.xpoft.vaadin.SpringVaadinServlet</servlet-class>
        <init-param>
            <param-name>beanName</param-name>
            <param-value>application</param-value>
        </init-param>
    </servlet>
    <servlet-mapping>
        <servlet-name>application</servlet-name>
        <url-pattern>/app/*</url-pattern>
    </servlet-mapping>
    <servlet-mapping>
		<servlet-name>application</servlet-name>
		<url-pattern>/VAADIN/*</url-pattern>
	</servlet-mapping>

Your login page can be a simple JSP page, a Spring JSTL view or whatever you like. It may not live under /app.

Examples and usage

Have a look at SpringSecurityViewProviderTest for an usage example and setting up basic security. There is also a blog post about the original idea.

In your UIs init method create a navigator and add the SpringSecurityViewProvider like this:

final ComponentContainerViewDisplay viewDisplay = new ComponentContainerViewDisplay(this.mainContent);
this.navigator = new Navigator(UI.getCurrent(), viewDisplay);
this.navigator.addProvider(SpringSecurityViewProvider.createViewProvider((Authentication) request.getUserPrincipal()));

License

Apache License, Version 2.0

Copyright 2013-2017 ENERKO Informatik GmbH

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

  http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Versions

Version
0.2.1