Spring Security Namespace Designs


The namespace is designed to capture the most common uses of the framework and provide a simplified and concise syntax for enabling them within an application. The design is based around the large-scale dependencies within the framework, and can be divided up into the following areas:

  • Web/HTTP Security – the most complex part. Sets up the filters and related service beans used to apply the framework authentication mechanisms, to secure URLs, render login and error pages and much more.
  • Business Object (Method) Security – options for securing the service layer.
  • AuthenticationManager – handles authentication requests from other parts of the framework.
  • AccessDecisionManager – provides access decisions for web and method security. A default one will be registered, but you can also choose to use a custom one, declared using normal Spring bean syntax.
  • AuthenticationProviders – mechanisms against which the authentication manager authenticates users. The namespace provides supports for several standard options and also a means of adding custom beans declared using a traditional syntax.
  • UserDetailsService – closely related to authentication providers, but often also required by other beans.

SOAP Vs REST Web Services


SOAP REST
1) SOAP is a protocol. REST is an architectural style.
2) SOAP stands for Simple Object Access Protocol. REST stands for REpresentational State Transfer.
3) SOAP can’t use REST because it is a protocol. REST can use SOAP web services because it is a concept and can use any protocol like HTTP, SOAP.
4) SOAP uses services interfaces to expose the business logic. REST uses URI to expose business logic.
5) JAX-WS is the java API for SOAP web services. JAX-RS is the java API for RESTful web services.
6) SOAP defines standards to be strictly followed. REST does not define too much standards like SOAP.
7) SOAP requires more bandwidth and resource than REST. REST requires less bandwidth and resource than SOAP.
8) SOAP defines its own security. RESTful web services inherits security measures from the underlying transport.
9) SOAP permits XML data format only. REST permits different data format such as Plain text, HTML, XML, JSON etc.
10) SOAP heavy weight operation. REST is light weight and suggested to use in lower band with scenarios such as accessing applications using mobile devices.
11) SOAP is less preferred than REST. REST more preferred than SOAP.