Reputation: 13
Combining Vaadin Admin UI and a REST API
Im working on an Spring Boot application which should have two parts: One Admin UI-Part done in Vaadin and one part consisting of REST-API Endpoints for a native application to consume.
Authentication of the Admin UI (Form-Login) should be completely different from the REST API (e.g. Basic Auth with a fixed token, or a token from the database).
What would be the best way to achive this? Since it's basically two different applications having the Data-access in common would it make sense / be possible two instanciate two spring application contexts? Or is it enough to configure spring security in a special way for example? Just adding a RestController and excluding the URL from SpringSecurity already brings me halfway to the solution, but what if I also want authentication for my REST-API? But completely different with its own application provider basically.
Upvotes: 0
Views: 626
Answers (1)
Reputation: 1816
Spring supports role based authorization and multiple authentication providers. So essentially you can give you admin users a special role and require this role in your Vaadin views to prevent ordinary users accessing the admin UI. You can also have separate authentication mechanisms in the same application, for example you could have your users authenticated via LDAP and you admins via a database. You shouldn't need to do separate application contexts.
Upvotes: 1
Related Questions
- Vaadin 23 Rest-API and UI in Spring Boot app
- How to integrate Vaadin as frontend microservice and Spring REST API as backend microservice
- How to properly integrate Vaadin with Spring Framework?
- Springboot, Vaadin and RestController
- Vaadin and Spring MVC Integration
- Spring Boot and Vaadin UI not accessible?
- Spring + Vaadin integration design patterns
- Integrating spring and vaadin
- Consuming REST web services in Vaadin
- adding vaadin ui to existing java web app