Spring 3 Security

Use java 1.5 or higher when using spring 3 security. The most fundamental object in spring security is Security Context Holder. Security Context Holder use ThreadLocal to store security information. Inside Security Context Holder Authentication object is used to store principle information which currently interact with the application.

UserDetail is an Central Interface which can provide userInformation like email , employee number etc.. To provide those Information You need to provide the userService inside the spring context. You can include a custom userService by implementing UserDetailService interface. It has following method.

UserDetails loadUserByUsername(String username) throws UsernameNotFoundException

Spring provide Some UserService based on Memory Map and JdbcDao. You can use those or you can implement your own.

Spring Dependecy Lookup in a servlet

@Override
public void init() throws ServletException {
super.init();
ApplicationContext ctx = WebApplicationContextUtils.getWebApplicationContext(getServletContext());
bonusTypeRepository = (BonusTypeRepository)ctx.getBean("bonusTypeRepository");
bonusCategoryRepository = (BonusCategoryRepository)ctx.getBean("bonusCategoryRepository");
}