All posts tagged with 'Spring Security'

CSRF protection with Spring Security revisited


At the end of last year, Spring Security 3.2 was released and brought a lot of new features, among them a built-in “Cross Site Request Forgery” protection”. Nearly two years earlier i wrote my CSRF protection implementation with Spring Security 3.1, have a look here. I really like the built-in implementation and most of it […]

Read the complete article »

Vaadin & Spring: Integrating Vaadin with Spring Security


Note: You’ll find the complete working sources here: Vaadin-SpringSecurityViewProvider. Finally, the 2nd post in my Vaadin & Spring series. This time about describing, instantiating and managing views with and through Spring Security. I’m a big fan of Spring Security as it is – at least for my purposes – incredible easy to add some long […]

Read the complete article »

Disable jsessionid path parameter in Java web applications


Wow, this has driven me nuts… Most J2EE developers will know the ugly-as-hell ;jsessionid=BLAHBLAHBLAH appended as a path parameter to all urls of an application on the first call of a page that creates a session. Tomcat as of version 6 has the possibility to add the attribute ‘disableURLRewriting=”true”‘ to the context of the application […]

Read the complete article »