Integration Spring Security 3 with GWT 2.1 REST/JSON application

I need to use Spring Security 3 in my application which is composed by Spring 3 for the server side and GWT 2.1 for the client side.

Client side and server side are totally decoupled, I mean they don't belong to the same project in the eclipse workspace (server side is managed by maven and client side uses prebuilt ant files) and till now they "communicate" each other using Rest/Json.

Googling I found some tutorials and tips about integration with Spring Secu开发者_开发技巧rity but all of them suppose that "client side" knows spring-server-side classes, and so using @Controller @Autowired etc under the gwt.server package. In my case this is not possible (or not clean to do).

Is there a way to use Spring Security and keeping the code "decoupled"? Maybe for every (rest) client request I should use "basic authentication"?

Thanks, Rand

Here are some links I found and used when implementing GWT/Spring Security:

http://blahti.wordpress.com/2010/02/04/basics-of-gwt-authentication/

http://www.javacodegeeks.com/2010/12/securing-gwt-apps-with-spring-security.html

In summary simply see GWT as static html pages to be served and rest calls just requests for static pages. Only if you want specific information in the client, which comes from spring security, like username, you need to add something to the server side, but this in your case can also be done via a rest call.

I just completed writing an article on how to integrate GWT with Spring security without having the need to use any JSP or static page.

You can check this in here : http://crazygui.wordpress.com/2014/08/29/secure-rest-services-using-spring-security/ I also posted a working example on GitHub.