Spring Security without XML?

[hwellmann]

Now that Spring 3.1 finally got rid of the last bits of mandatory XML configuration by means of @Enable... annotations, I wonder if it's also possible to use Spring Security in pure Java mode. The Spring Security 3.1 manual does not mention this topic.

Best regards,
Harald

[Rob Winch]

You can use pure java but there is no easy way to do it (i.e. you need to know all the internal objects). For this reason it really isn't recommended. You might consider taking a look at Luke's blog post about Scala Spring Security project, but at this point this is more of a "fun to try" project.

[hwellmann]

You can use pure java but there is no easy way to do it (i.e. you need to know all the internal objects).

Yes, that's precisely the problem with custom namespaces in general. It's not so easy to translate some of the legacy XML examples from the Spring Core manual to Java, because the relation between XML elements and Java classes is not clearly documented.

But a simple table mapping <foo> to FooImplBean would help...

Best regards,
Harald

[jbbarquero]

I agree with hwellmann.

I wish to know the classes involved when you use an XML tag from the security namespace.

At least, the classes that are created as a result of the tag. But I also would like to know which handler manages each tag.

I've found some of them "digging" (¿"diving"?) in the source code, but it's some kind of mistery which classes are going to be created when you write sec:someSecurityStuffTag ...