Java MVC or Rest based approach with security [closed]

Question

Closed. This question needs to be more focused. It is not currently accepting answers.

---

Want to improve this question? Update the question so it focuses on one problem only by editing this post.

Closed 3 years ago.

Improve this question

I am working in designing Java-based web applications. Although, I have worked with Java core still a novice in designing web-apps and do not have enough confidence in what I am thinking is correct or not?

So, the thing is, we are a team of two, I am working with backend using Java and the other person with the front end. I have to implement web-app having a login, signup pages followed by the dashboard page where the user will do whatever the app is for.

Following are my doubts:

1. I have thought of using MVC frameworks like Spring MVC/Struts etc. but I feel that my frontend pages will be bound in the same .war file as the classes. Is it true?

2. If that's true, how I can implement security? can SSL be used?? ad what is the importance of Spring Security or Apache Shiro?

3. Isn't it the case that using MVC framework is also bounding my pages to be .jsp? (I want it to be .html).

4. or, use Rest API for all the functionalities and abstract the front-end from the backend. And, then bind the entire backend with SSL? Does it sound to be a better solution giving my requirement?

I would really appreciate if you could advise a better solution.

I apologize if my questions are too vague or are not the proper forum, I don't know where else to post this.

Thanks :)

Answer 1

First you have to decide which way you will do!

1. If you don't want the frontend part as different application as if you want to use MVC (not REST) then it will be bound in the same .war.
2. Surely you can use SSL. And security implementation is depends on you and your requirement. Yes Spring security is good choice if you use Spring MVC. Shiro is also good too. The importance is they give you tons of feature to implement security thing of your application as those are framework.
3. No. JSP bounding is optional now in Spring MVC. You can also use Thymeleaf as templating engine which modern than JSP and it uses html extension as default. (Spring's current templating engine is also Thymeleaf)
4. It depends. Because if you use REST for backend and different app for frontend then you have to maintain two different app. If you think the frontend and backend services should be independent and loosely coupled then it is good choice(remember in this case you have to implement security in both side). Or else the frontend is only for the backend service then it is better to be one application.

You can use both REST and MVC pattern in single app. You can separate the part. As it is better to give the dummy json to frontend devs to design the frontend and in the mean time you can implement those REST services. You can do it for most data exchanging part. And you can use MVC for those part of your application is different context(e.g. login, home page, signup,...)

Hope it can help you!