Is spring integration supported/planned?

[jarey]

Hello,

It seems that OACC follows an interesting approach to seucirty and permissions management. Would it support spring integration out of the box? Correct me if i'm wrong and it is already supported, because i haven't digged enought into the framework yet.

Thanks in advance

[WerVbn]

I would like to know that too. I would like to secure a REST-API build with Spring and use OACC for permission management. Could someone please provide me with information how to start to use OACC in spring?

[fspinnenhirn]

The quick answer is that there is no reason why you couldn't use OACC within a Spring application or any other framework to build REST APIs. In fact, the SecureTodo sample application provides a simplistic example of a RESTful application, to illustrate some of the core OACC concepts (but using Dropwizard instead of Spring). On the other hand, if you're looking for integration that ties directly into Spring and would let you use Spring annotations on top of an OACC backend, for example, then I'm not aware of any such project that provides this out of the box, at this time. I'm honestly interested to see how far such an integration can be taken, but haven't had time to play with that idea, myself. So if you do find something - or decide to develop it yourself, please share!

[WerVbn]

In spring, you have to add a custom authentication provider in order to authenticate and to create an access control context with OACC. You can pass the OACC context back from the custom authentication provider to your controller/service to start using the framework for authorization purposes.