Spring Security provides an extremely flexible alternative to the container-based security support provided out-of-the-box with BlazeDS. Spring BlazeDS Integration provides explicit integration support for incorporating Spring Security smoothly into your Flex/BlazeDS application. Spring Security provides a wealth of different configuration options, but rather than go into the many different combinations here, we'll leave most of that to the Spring Security documentation.

Here is a typical simple Spring Security starting configuration for use in conjunction with the explicit integration features provided by Spring BlazeDS integration:

<beans:beans xmlns="http://www.springframework.org/schema/security"
  xmlns:beans="http://www.springframework.org/schema/beans"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xsi:schemaLocation="http://www.springframework.org/schema/beans 
                      http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
                      http://www.springframework.org/schema/security 
                      http://www.springframework.org/schema/security/spring-security-2.0.4.xsd"> 
    
    <http entry-point-ref="preAuthenticatedEntryPoint" />
    
    <beans:bean id="preAuthenticatedEntryPoint" 
        class="org.springframework.security.ui.preauth.PreAuthenticatedProcessingFilterEntryPoint" />
    
    <authentication-provider>
		<user-service>
	    	<user name="jeremy" password="atlanta" authorities="ROLE_USER, ROLE_ADMIN" />
	      	<user name="keith" password="melbourne" authorities="ROLE_USER" />
		</user-service>
	</authentication-provider>
    
</beans:beans>
		

We will assume the above configuration is in place for the remainder of the examples in this chapter.