angularspringspring-bootspring-securityrole-base-authorization

Should i use Spring security role base authorisation OR angular Route Gards OR both?


Please what is the best practice, i am working on a project with spring boot on the backend and angular in the front, It's recommended to use both spring security role based and angular route guards, or just spring security would be enough. Thank you for your time.


Solution

  • Spring security Role based authorization and Angular Guards are not related.

    The Guards in Angular are used to allow the User to see certain parts of the Front End application. Just that.

    A Role based security it's used to allow the User to call certain endpoints if he does have certain roles.

    Now, should you use both of them? Sure. Would be enough just to implement Spring Security? Sure, but the front end application will not result user friendly.