Which Java modules get Spring Security
- by HDave
I have a classic Java SOA application, with a web UI module, web services module, a service module (Java API), a domain module and a persistence module. In a sense, each of these modules has their own public API.
My understanding of Spring Security is that I can use web filters to handle the security of the web gui and web services, and method level security (via annotations) for the service module.
My question is this: should I bother to add method level security to the domain module and the persistence module or is that considered overkill?