Which one we need to choose on the following options for Spring Security

Need to implement Spring Security for a project.

Option1:

  Structure: User table, Permission table, Module table and PermissionGroup table
  User will have only one permission group.
  Permission table will have read/write/update etc.,
  Module will be product/sales/order
  Permission group table will be product - read/write, sales - read/write/update

Option2:

 Structure: User table, Roles table, Permission table,
 User can have 1 role
 Permission table will have as product_read, product_write, sales_read, sales_write

Comments on Option2:

 We can able to use Spring hasRole() kind of configuration for each method and can associate a role to it.
 Drawback: We cannot have dynamic roles as we can able to do it option1

Comments on Option1:

We can have dynamic groups however we cannot use spring hasRole(). Instead we need to get the manual decisions based on the http request - PUT/GET/POST and check for the permissions configured and decide whether to allow the URL or not in the interceptor.

Drawback:

This may not be a standard practice
What would be the best approach out of this two as well as preferable one?

Thanks.
Software ProgrammerAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

girionisCommented:
If you need dynamic roles then go with option 1, if this is not an issue then I would go with option 2.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Software ProgrammerAuthor Commented:
Can u share some code snippet ideas to achieve option 1 ?
0
girionisCommented:
Sorry I cannot. The code we have is proprietary.
0
Software ProgrammerAuthor Commented:
Please help me with a relevant sample code snippet or any template for reference.
0
girionisCommented:
This is a valid answer.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Java

From novice to tech pro — start learning today.