0
Galley,
I’m starting the development of a system (java), and I’m having doubts about the technology. The system is totally restricted (login/password) and will be made available on the internet, so I need security. I know a little about Angularjs and wanted to use it for ease. So I thought about using Angularjs + Spring MVC + Spring Security. In my mind I prefer Spring because of the security module (I have some experience), I have already done tests and managed to put security in the services Rest without much work. My doubt is that some people find this unnecessary, prefer to make the front layer with fully unattended angular server and implement security manually, ie create something manual even to treat authorized users (session), and thus protect the system/services, this would be the solution Angularjs + JEE (Rest). This last solution would be based on creating tokens (or something like that) manually and treating both angular and Rest services, but at first I find this treatment more complex and prone to failures, the spring from my point of view already brings it ready. What is your opinion? Do you also prefer the front layer to be totally uncoupled? Or some suggestion (forget angular and start only spring mvc for example)?
I’ll run the project on a full JEE server. The application will have levels of users, that is, some pages and services can only be accessed by a user with admin profile for example.
Note: My knowledge of Spring MVC is not very broad, but I’ve done basic things and it seemed very simple.
Grateful.
Dude I don’t know Spring and I do it by tokens. When I log in to the system the back-end (Java) generates a token and sends this pro front. I store this token somewhere and every request I have a back-end processor that waits for this token and checks if it is valid. Each session has a token, I thought it cool to implement this solution.
– DiegoAugusto
Thank you @Techies!
– Welmau