Multi-user restful api using spring boot, jpa and security

Question

Multi-user restful api using spring boot, jpa and security

I want to create a multi-user api where users go to the recreation service and have their own space to tell the booking class. Orders are not distributed between users.

I'm struggling to figure out what the best example is for creating this using as much spring loading magic as possible.

I use spring boot jpa and define user class and reservations with @Entity.

My reservation then refers to this user class. However, is there a way that I can use @RepositoryRestResource or a similar annotation to automatically isolate data models for each user, and then use spring Security to protect the CRUD endpoint, or do I need to create my own @RestResponse that searches for users based on their Authorization, and then create the findByUser method to perform isolation?

(note that I'm new to Spring, spring Boot, etc.)

Edit: I was offered a glimpse into the ACL, but I'm struggling to find good SIMPLE resources by explaining how they work.

+7

spring spring-data-jpa spring-security

Haydon ryan Nov 11 '15 at 2:06

source share

1 answer

Mathias dpunkt · Answer 1 · 2015-11-11T10:08:39+0000

If you really have isolated data for each user, and you want the transparent mechanism to be able to select or update only the data that you are allowed to see, you should look at T tclipelink multitenancy support.

http://wiki.eclipse.org/EclipseLink/Development/Indigo/Multi-Tenancy

Here is the question with the accepted answer about setting this in spring -data-jpa Multiple leases with spring data jpa and eclipelink

Also sleep mode seems to support multi-user operation http://docs.jboss.org/hibernate/orm/5.0/userGuide/en-US/html_single/#d5e3197

But keep in mind that requests for objects with multi-level support are then always filtered by the tenant ID, so the separation is pretty strict.

Multi-user restful api using spring boot, jpa and security

More articles: