Spring Security – Home

Getting the Source

It is much easier to debug your application or to work out where a problem lies if you don't treat the external code you are working with as a black box which you never look inside. The first thing you should do when an exception you don't understand is thrown from an open source library is jump to the class and line number and take a look to figure out what the code was doing there. Otherwise you're missing out on much of the benefit of using open source code.

With this in mind, we'd always recommend that if you are working with Spring Security (or any other open source code, for that matter) that you have the source available in your IDE as you work. Often the easiest way to do this is to use the source jars which are uploaded to the Maven central repository, but you can also check out the source directly from the SpringSource git server. This is convenient if you want to build the project yourself, build and run the samples and so on.

Git Access

Spring Security uses git for version control. From the command line, you can use the command 

 git clone git://github.com/SpringSource/spring-security.git
to obtain a copy of the source repository.

Building Spring Security

Just follow the steps below to build Spring Security. This is often the simplest way of working with the sample applications.

Spring Security now uses Gradle for building (version 1.0-milestone-1 or later is required). You don't need to have gradle installed in order to use it since we take advantage of gradle's "wrapper" script. Assuming you've already checked the source out from git, just run the command 

  gradlew build
from the project root directory to build the jars (you will need an internet connection, in order to download required dependencies). If you want to install the jars in your local Maven repository, you can then run 
  gradlew install
or you can run both tasks at the same time, like so 
  gradlew build install

You can also run the sample web applications directly using gradle's Jetty plugin. For example, to run the contacts sample 

cd samples/contacts
gradle jettyRun
which will start the server on port 8080. You can then access it using the URL http://localhost:8080/contacts. The CAS sample application is slightly different in that it runs both a CAS server and a client web application as two separate processes. Run the pre-defined task 
gradle cas
to start both. You can then access the client sample app by pointing your browser at https://localhost:8443/cas.

Note that the sequence above will build the very latest code from the master branch of Spring Security. If you have cloned the Spring Security code repository using git, you can easily switch to a different version by checking out a specific release tag. For example 

git checkout 3.1.0.M2
will reproduce the state at the 3.1.0.M2 release.