Many applications using Spring Security for authentication will need to:
Build and install locally using mvn install
Add spring-social-security as a dependency for your webapp
For a simple "Hello World" app demonstrating spring-social-security see: https://github.com/socialsignin/spring-social-security-demo
To delegate the authentication for your app to Spring-Social, a number of spring beans must be set up.
To use the default beans/implementations/configuration, simply component scan:
<context:component-scan base-package="org.socialsignin.springframework.social.security" />
and register springSocialSecurityAuthenticationFilter as a custom filter in place of FORM_LOGIN_FILTER.
<security:custom-filter position="FORM_LOGIN_FILTER" ref="springSocialSecurityAuthenticationFilter" />
Also configure the entry-point for your app's authentication to be the page from which users can login/connect with a Spring-Social provider (usually a page with a form submit to ProviderSignInController or ConnectController), and configure an environmental property (socialsignin.signUpView) for a page where user can choose a username when creating an account which posts a "userId" to the url "/signup" (handled by SpringSocialSecuritySignUpController)
<bean id="springSocialSecurityEntryPoint" class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint"> <property name="loginFormUrl" value="/oauthlogin.jsp"/> </bean>
<security:http use-expressions="true" entry-point-ref="springSocialSecurityEntryPoint" ....
As an alternative to component-scanning for the default implementations, you have the option to register your own beans/provide custom implementations.
The classes which are registered as beans by default through component-scanning are:
Michael Lavelle (email@example.com)
You can also clone the project with Git by running:
$ git clone git://github.com/socialsignin/spring-social-security