Spring Security support for Vaadin Spring add-on (Flow version)

[vaadin-bot]

Originally by Matti Tahvonen on 2015-09-08 17:15:44 +0300

---

Spring Security is a commonly used library in Spring based software stacks. Vaadin Spring (or its submodule) should contain helpers to make integrations with Vaadin UIs easier. This has already been experimented quite a lot in vaadin4spring and something similar should be brought into the official Vaadin Spring library.

See: https://github.com/peholmst/vaadin4spring/tree/master/extensions/security

---

Imported from https://dev.vaadin.com/ issue #18817

[Legioth]

Got a hint that org.springframework.boot.actuate.autoconfigure.security.EndpointRequest might be quite close to how we would want to deal with whitelisting access to static resources.

[paulroemer]

For the old Vaadin 8 implementation check https://github.com/peholmst/vaadin4spring/tree/28e454032301e7f79a3f0d2e61a984d00b5ba1e4/extensions/security

Extensions have been deleted in master.

[bram-pkg]

Is there any update to this? The current guide on how to implement security is in my opinion quite hacky and manual.

[TatuLund]

There is a series of tutorial for newest framework versions here

https://vaadin.com/learn/tutorials/securing-your-app-with-spring-security

[bram-pkg]

This is what I meant, back in Vaadin 8 you could use the @Secured annotation on Views. Is something similar to this planned?

It would be really nice to see support for the Spring Security annotations like the one mentioned earlier or @PreAuthorize()

[mshabarov]

@mstahv this issue is now covered by View-based access checker feature in Flow, so I propose to close it. What do you think?

[mstahv]

This is done and done.