Using Spring Security with EJB or Spring?

Question

Using Spring Security with EJB or Spring?

I wanted to build an application based on Java EE 6, but the security mechanisms of Java EE are not sufficient and a pain for my needs. Spring Security is the best way to protect my application. Now I am wondering if Spring Security + EJB is a good combination or is it better to use only Spring.

I need method hooks, ACLs, and possibly access control for the URL pattern. The main problem I see is using EJB interception with Spring Security. This is problem? What other areas may be problematic?

Do you prefer Spring Security + EJB or Spring Security + Spring (only)?

As Scuffman said, the real question is: Java EE vs. Spring There is a good comparison from JBoss.

+3

java spring java-ee spring-security ejb

deamon Feb 10 '10 at 15:31

source share

3 answers

skaffman · Answer 1 · 2010-02-10T15:39:11+0000

Spring Security is different from Spring Framework. They work well together, but Spring Security does not require the use of the Spring Framework under.

So, in a very real sense, it doesn’t matter, the question is, do you prefer EJB3 or Spring, regardless of Spring security.

matt b · Answer 2 · 2010-02-10T15:34:25+0000

I am not very familiar with EJB, but I have always understood that this is, in fact, a data access technology or a way to distribute services.

Spring, Spring , . - Spring /, , EJB JDBC ..

Enrico giurin · Answer 3 · 2012-09-05T23:24:01+0000

, springsecurity ejb, : JAAS + springsecurity.

JAAS ejb , JMAS LoginModule, springsecurity.

EJB , jsr250 (RolesAllowed), spring .

In this way, I have achieved a clear separation between ejb and spring security, so my springsecurity protected business code is fully portable to any other kind of ApplicationServer, or it can even run as a standalone application.

Using Spring Security with EJB or Spring?

More articles: