File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Spring and the fly likes When to integrate Spring security in the project Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of REST with Spring (video course) this week in the Spring forum!
JavaRanch » Java Forums » Frameworks » Spring
Bookmark "When to integrate Spring security in the project" Watch "When to integrate Spring security in the project" New topic

When to integrate Spring security in the project

Joe van Hagen

Joined: Jul 15, 2010
Posts: 1
Dear Author,

the book seems to be exactly what I'm looking for.

Do you also give rule of thumbs at which project phase Spring security should be implemented? Can Spring security easily be applied after implementing the features? Are there any pitfalls when integrating Spring security too late or the design is not compatible with Spring security?

Peter Mularien
Ranch Hand

Joined: Sep 06, 2007
Posts: 84
Hello Joe,

Glad to hear the feedback, and thanks for the great question!

In general I think it's important to design the application with an understanding of the concepts behind the security infrastructure, even if you don't incorporate security up front, especially for applications that are going to use complex techniques such as method-level security or ACLs. We do cover some techniques for planning authorization at the page level using Visio or other diagramming tools as well. It's quite common for applications to add Spring Security to either augment existing, unsecured applications, or to replace homebrew security infrastructure.

Hope that answers your question!


Author, Spring Security 3 (the Book), Packt Publishing, 2010
I agree. Here's the link:
subject: When to integrate Spring security in the project
It's not a secret anymore!