Win a copy of Mesos in Action this week in the Cloud/Virtualizaton forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

When to integrate Spring security in the project

 
Joe van Hagen
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Dear Author,

the book seems to be exactly what I'm looking for.

Do you also give rule of thumbs at which project phase Spring security should be implemented? Can Spring security easily be applied after implementing the features? Are there any pitfalls when integrating Spring security too late or the design is not compatible with Spring security?

Thanks!
 
Peter Mularien
Author
Ranch Hand
Posts: 84
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello Joe,

Glad to hear the feedback, and thanks for the great question!

In general I think it's important to design the application with an understanding of the concepts behind the security infrastructure, even if you don't incorporate security up front, especially for applications that are going to use complex techniques such as method-level security or ACLs. We do cover some techniques for planning authorization at the page level using Visio or other diagramming tools as well. It's quite common for applications to add Spring Security to either augment existing, unsecured applications, or to replace homebrew security infrastructure.

Hope that answers your question!

Peter
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic