Spring Security provides authentication and security for enterprise applications.

Dec 7, 2017 | Viewed : 26

Spring Security is a Java/Java EE framework that provides authentication, authorization and other security features for enterprise applications. The project was started in late 2003 as 'Acegi Security' (pronounced Ah-see-gee) by Ben Alex, with it being publicly released under the Apache License in March 2004. Subsequently, Acegi was incorporated into the Spring portfolio as Spring Security, an official Spring sub-project. The first public release under the new name was Spring Security 2.0.0 in April 2008, with commercial support and training available from SpringSource.


Key authentication features

LDAP (using both bind-based and password comparison strategies) for centralization of authentication information.

Single sign-on capabilities using the popular Central Authentication Service.

Java Authentication and Authorization Service (JAAS) LoginModule, a standards-based method for authentication used within Java. Note this feature is only a delegation to a JAAS Loginmodule.

Basic access authentication as defined through the IETF Request for Comments 1945 standard.

Digest access authentication as defined through the IETF Request for Comments 2617 and RFC 2069 standard.

X.509 client certificate presentation over the Secure Sockets Layer standard.

CA, Inc SiteMinder for authentication (a popular commercial access management product).

Su (Unix)-like support for switching principal identity over a HTTP or HTTPS connection.

Run-as replacement, which enables an operation to assume a different security identity.

Anonymous authentication, which means that even unauthenticated principals are allocated a security identity.

Container adapter (custom realm) support for Apache Tomcat, Resin, JBoss and Jetty (web server).

Windows NTLM to enable browser integration (experimental).

Web form authentication, similar to the Servlet container specification.

"Remember-me" support via HTTP Cookies.

Concurrent session support, which limits the number of simultaneous logins permitted by a principal.

Full support for customization and plugging in custom authentication implementations.


Who we are and What we can do:

We have a powerful software development team and the following is about our programmers' technologies.

Programming Languages: Java, PHP, C++,

Background Development

1.Frame:SpringMVC + Hibernate + Spring Security or SpringMVC + ibatis + Spring Security

2.Cross-Platform Cross-Application Sharing Agreement: Soap, Restful


Server-Side Development:

Tomcat Cluster, Memcache, High-Performance Http Accelerator, Varnish LVS Load Banlancing Cluster

Instant Messaging: RabbitMQ Cluster, MQTT Cluster

App Development: Android App, IOS App

Primary Development Tools : Android Studio, Xcode

Primary Development Environment: Windows, Linux, Mac


Online Service