Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

Can Spring Security Be Auto-Generated?

DZone's Guide to

Can Spring Security Be Auto-Generated?

I’ve generally found Security requirements are easy to state, but hard to implement. So have been wondering if I can autogenerate my Spring Security configuration.

· Java Zone
Free Resource

Bitbucket is for the code that takes us to Mars, decodes the human genome, or drives your next car. What will your code do? Get started with Bitbucket today, it's free.

I’ve generally found security requirements are easy to state but hard to implement. So, I've been wondering if I can autogenerate my Spring Security configuration.

Security Requirements

Common security requirements are:

  • Access controls on files/directories based on roles, IP address, etc.
  • Validation of credentials from an authentication provider

Coding

The problem with coding yourself is:

  • Security is complex, and you need to know what you're doing — there is a lot of information in the Spring Security manual.
  • Upgrades: Spring Security could upgrade and you could miss out on new features to improve your security.
  • Bugs: You could introduce a bug in your code.

It would be easier if I could define my security requirements into a website and autogenerate my security configuration.

Prototype

I’ve created a prototype of this idea at spring-security-generator, with the code released on GitHub.

2016-10-02-21_51_07-spring-security-generator

Future

I see this idea evolving to include:

  • Tutorial — soon to be released.
  • REST API security.
  • Automate creation of unit tests, login pages.
  • Best practice — what are the best practice for configurations of spring security?
  • Storing security configuration.

Are you using Bitbucket to accomplish your company's mission? Share your company’s mission with #Forthecode for a chance to be featured on our homepage, our social media channels, or win a free t-shirt!

Topics:
security ,configuration ,spring ,java

Published at DZone with permission of Martin Farrell, DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.

THE DZONE NEWSLETTER

Dev Resources & Solutions Straight to Your Inbox

Thanks for subscribing!

Awesome! Check your inbox to verify your email so you can start receiving the latest in tech news and resources.

X

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}