We have a monolithic spring web application developed using Spring 3.2 and Spring-security 3.2 with Java 7 and it is deployed on tomcat 7.
I have to create a micro-service for a new module using spring boot with java 8. This micro-service will be deployed separately on different linux server.
I am looking for suggestion/idea how to implement security to have communication between existing Spring 3 application and new spring boot module.
Top comments (1)
It depends from desired security model. If your new service is backed only, and integration model is server - server, basic server auth is enough for most cases. If client privileges is needed, jwt token could be good options, as no db for shared state needed.