Hi Giuseppe, I think this explains how to secure the Connection, but not how to integrate the security mechanism of graniteds with that of spring-security. When integrating GraniteDs with Sprin-Security I would expect Login-attemts to GraniteDS to utilize the Authentication components of SpringSecurity and whenever a Service is called from Flex, that SpringSecurity will handle the permissions to execute that Service while GraniteDS will take care of securing the Connection itself.
Chris ________________________________________ Von: Giuseppe Romano <[email protected]> Gesendet: Freitag, 31. Januar 2014 11:28 An: [email protected] Betreff: Re: How to securing Apache Flex / GraniteDS Apps with Spring security Hi Massimo, look at http://www.granitedataservices.com/public/docs/3.0.1/docs/reference/flex/graniteds-refguide-flex.html#remoting.security In that chapter is explained step-by-step how to setup the security environment. -- Giuseppe Romano Skype name: giuseppe.romano.80 Mobile: +39 3404900103 On Fri, January 31, 2014 11:11 am, Massimo Perani wrote: Hi all, I built a Flex app (mobile & desktop) that calls a backend built in Spring and use GraniteDS to expose services. Now I'm trying to secure my services with Spring Security but I can't find a good example about it. I already exposed my services to other external application with SpringMVC (rest/json) there I used spring security with custom filter to check for a token in http header, but I can't use the same filter with GraniteDS servlet because from client side (Flex app) I can't set parameters into http header with GraniteDS... Can you give some advice about with type of authentication (basic, digest, custom...) to use and give me some good tutorial about securing Apache Flex application with GraniteDS? Thanks so much. Massimo
