Monday, January 21, 2013

Spring Security In Detail

How does it work?

  1. An AuthenticationManager (default implementation: ProviderManager) is created with a list of AuthenticationProviders (one such provider is AbstractUserDetailsAuthenticationProvider).

  2. An interceptor URL is defined for j_spring_security_check with access set to true.

  3. An entry point can be a URL (LoginUrlAuthenticationEntryPoint) or an HTTP response (BasicAuthenticationEntryPoint); it determines what is shown to the user before authenticating.

  4. A login page with form action="../../j_spring_security_check" and field names j_username and j_password is created by Spring (Basic Authentication set) or by the user.

  5. This login page URL can be the entry point, so whenever authorization expires or is required, the user is redirected to that page.

  6. By default, UsernamePasswordAuthenticationFilter responds to the above action URL and looks for the field names mentioned above in the HttpRequest.

  7. When the login form is submitted with a username and password, the request is filtered by UsernamePasswordAuthenticationFilter.

  8. This filter creates an Authentication (the token type is UsernamePasswordAuthenticationToken) and calls the AuthenticationManager for authentication.

  9. The manager passes the token (Authentication) to each of the providers in the order declared.

  10. Each provider checks the type of token it is looking for and, if it matches, performs the authentication (using either retrieveUser or the cached user).

  11. If authentication succeeds, the provider returns a new Authentication object with all the details passed in, and it is set on the context available in SecurityContextHolder (SecurityContextHolder.getContext().setAuthentication(authResult)).

  12. On failure, it throws an AuthenticationException, which is stored in the session attribute SPRING_SECURITY_LAST_EXCEPTION.
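The flow in the steps above, reduced to its core objects, as an added example (not code from the original post or from the Spring project). `DemoProvider`, the `alice` account and its password are constructed for illustration, and Spring Security is assumed to be on the classpath.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Arrays;
import org.springframework.security.authentication.*;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.context.SecurityContextHolder;

public class AuthFlowDemo {
    // Hypothetical provider for this example: accepts one constructed demo account.
    // A real provider would verify a stored password hash, not a literal.
    static class DemoProvider implements AuthenticationProvider {
        public boolean supports(Class<?> tokenType) {
            // The manager only calls authenticate() on providers that support the token type.
            return UsernamePasswordAuthenticationToken.class.isAssignableFrom(tokenType);
        }
        public Authentication authenticate(Authentication token) throws AuthenticationException {
            byte[] given = String.valueOf(token.getCredentials()).getBytes(StandardCharsets.UTF_8);
            byte[] expected = "demo-password".getBytes(StandardCharsets.UTF_8); // constructed value
            // Same message for unknown user and wrong password, so the error does not reveal which.
            if (!"alice".equals(token.getName()) || !MessageDigest.isEqual(given, expected)) {
                throw new BadCredentialsException("Bad credentials");
            }
            // The three-argument constructor produces an authenticated token.
            return new UsernamePasswordAuthenticationToken(token.getPrincipal(),
                    token.getCredentials(), AuthorityUtils.createAuthorityList("ROLE_USER"));
        }
    }

    public static void main(String[] args) {
        AuthenticationManager manager =
                new ProviderManager(Arrays.<AuthenticationProvider>asList(new DemoProvider()));
        for (String password : new String[] {"wrong", "demo-password"}) {
            try {
                // What the filter builds from j_username / j_password: an unauthenticated token.
                Authentication request = new UsernamePasswordAuthenticationToken("alice", password);
                Authentication result = manager.authenticate(request);
                SecurityContextHolder.getContext().setAuthentication(result);
                System.out.println("authenticated=" + result.isAuthenticated()
                        + " authorities=" + result.getAuthorities());
            } catch (AuthenticationException e) {
                // In the web flow, the filter stores this under SPRING_SECURITY_LAST_EXCEPTION.
                System.out.println("rejected: " + e.getMessage());
            }
        }
    }
}
```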


Wednesday, January 16, 2013

Hibernate Quick Reference

Hibernate Main Annotations

Entity - Defined for the class to denote it in the HQL
Table - Denotes the entity to be mapped to a table in DB
SecondaryTable - Mapping one entity to several tables in DB
Column - Defined for variables in an entity and mapped to a table's column in DB
Id - Indicates the primary key column of an entity
GeneratedValue - Provided to automatically generate the primary key values
- Strategy = GenerationType = TABLE, SEQUENCE, IDENTITY
TableGenerator(JPA) - Generates based on a 2 column key-value table
SequenceGenerator(JPA) - Generates based on the SEQ object in DB (only a few DBs support it)
IdentityGenerator(JPA) - Generates based on Identity, a database system property (only a few DBs support it)
GenericGenerator(Hib) - Specify custom generator
Embeddable - Defined for the class which can be added as a key in another entity
EmbeddedId - Denotes that the field is a key from another Embeddable entity (ex Address for Person entity)

Enumerated - Used to persist the enums (Ordinals/schema/table/catalog/column/type/String)
Proxy -
Cascade -

OneToOne -
OneToMany -
ManyToOne -
ManyToMany -
JoinColumn -
JoinTable -
PrimaryKeyJoinColumn -
MapKey -
MapKeyJoinColumn -

Hibernate Inheritance

Inheritance - Defines the inheritance strategy for the entities

JOINED - Creates a separate table for each class, with a joined primary key
SINGLE_TABLE - Maintains only one table for the parent and all child classes but differentiates based on discriminators
TABLE_PER_CLASS - Creates a separate table for each parent and child class but has discriminators to associate them

DiscriminatorColumn - Column used to join parent and child tables (name & type)
DiscriminatorValue - Value that separates the joined parent/child tables

Hibernate Criteria

createCriteria - creates and returns criteria for that Session for that entity
add() - applies the given criterion to the criteria
addOrder() - adds ORDER to the criteria
setMaxResults() - sets the limit or max results the criteria can return
setFirstResult() - sets the initial start number for the results (used in pagination)

Hibernate Fetch

Fetch - Retrieves the persisted data based on FetchMode

Join - Disables lazy loading and performs a join: when fetching A, it also fetches B, which has a relationship with A
Select - Enables lazy loading of the related collections, using individual select queries
SubSelect - Loads the related collections inside a subselect statement
BatchSize - Used to restrict the returned size of collections (uses select in statement)

Hibernate Filter

FilterDef - Definition for the filters that need to be enabled on the session (using enableFilter()) (name & collection of @ParamDefs)
ParamDef - Defines the parameter for the filter (name & type)
Filter - Applies the filter to a getter method/relationship column (name & condition)

Hibernate Cache

First level cache - Session class level cache
Secondary cache - SessionFactory-level cache, meaning the cache can be maintained between sessions
Query cache - Cache contents of a query resultset, used in repeated execution of same query

Cache -
CacheConcurrencyStrategy - READ_ONLY, READ_WRITE

Hibernate Search

Indexed -
Field -


list() vs iterate() - iterate() will be slower when the collection is not in session/second-level cache