Securing your Flex application with Spring Security and Active Directory
 Download Sample |
See also my follow up article: Securing your Flex app: smart card authentication with Spring Security
The goal of the current article is to provide a clear overview how to integrate a Flex application with Active Directory using the authentication and authorization mechanism offered by the new Spring Security.
Before downloading the sample project, you should have: Java web app server (I'm using Apache Tomcat) and Active Directory with login credentials. Instead of AD you can use any LDAP directory server (for example ApacheDS).
To run the sample Flex project you don't need download extra .jar or .swc libraries or create a Java project with an IDE. Just unzip the sample project into your Tomcat webapps directory and change LDAP server settings. However, to recompile the Flex project you should download the Flex source project with Granite DS library granite.swc, add it to the Flex Build Path and to define Flex Server. The directory structure for the project looks like.
For those who don't know: Spring is an lightweight Java framework. Spring Portfolio includes now the Spring Security 2.0. providing comprehensive security services for J2EE-based enterprise applications. Spring Security 2 builds upon the popular Acegi Security, but it is much easier to use than former Acegi Security. Rod Jonson, creator of the Spring framework, noticed recently that one of the problems with Acegi Security was that it was very powerful but it wasn't simple to use.
