Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

Can Spring Security Be Auto-Generated?

DZone's Guide to

Can Spring Security Be Auto-Generated?

I’ve generally found Security requirements are easy to state, but hard to implement. So have been wondering if I can autogenerate my Spring Security configuration.

· Java Zone ·
Free Resource

Learn how to build stream processing applications in Java-includes reference application. Brought to you in partnership with Hazelcast.

I’ve generally found security requirements are easy to state but hard to implement. So, I've been wondering if I can autogenerate my Spring Security configuration.

Security Requirements

Common security requirements are:

  • Access controls on files/directories based on roles, IP address, etc.
  • Validation of credentials from an authentication provider

Coding

The problem with coding yourself is:

  • Security is complex, and you need to know what you're doing — there is a lot of information in the Spring Security manual.
  • Upgrades: Spring Security could upgrade and you could miss out on new features to improve your security.
  • Bugs: You could introduce a bug in your code.

It would be easier if I could define my security requirements into a website and autogenerate my security configuration.

Prototype

I’ve created a prototype of this idea at spring-security-generator, with the code released on GitHub.

2016-10-02-21_51_07-spring-security-generator

Future

I see this idea evolving to include:

  • Tutorial — soon to be released.
  • REST API security.
  • Automate creation of unit tests, login pages.
  • Best practice — what are the best practice for configurations of spring security?
  • Storing security configuration.

Learn how to build distributed stream processing applications in Java that elastically scale to meet demand- includes reference application.  Brought to you in partnership with Hazelcast.

Topics:
security ,configuration ,spring ,java

Published at DZone with permission of

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}