Spring – How to implement Spring Security on the Spring 4.0 RestFul web service


I just developed a simple restful web service by using Spring 4.0 and Hibernate 4.0, so it is without beans.xml file.

I would like to implement a Spring Security on the web service, since the roles will be performed on the HTTP functions GET, POST and DELETE, i.e. only admin who is allowed to DELETE, manager is allowed to do both POST and GET and the user can only GET data.

I'm looking for a detailed tutorial with example to implement Spring Security? or Do you think there is an easier security mechanism regardless it's strength?

Best Solution

I just found that they in Spring.io added a detailed tutorial with real example developed by Java 8 in their own website, so it is completely annotation-based, which helps for building a RESTful webservice with Spring, testing it and also securing it.

It is really awesome, located HERE