Design question. Need some guidance in our approach to Spring Social and Security

[bytor99999]

So I have a web site which is currently using Spring Social, and we were using Spring Security, and everything was working. I could login with a user account, with Twitter or Facebook too. Connecting those accounts to the user account in our web app. It would also forward to a registration page if they login with Twitter/Facebook and don't already have an account with out website.

Well, now we are doing a little refactoring where all the security and registration stuff will be done in a separate Spring MVC Rest web app. So REST calls to /login /logout and /register. And this is going to be used by many apps/servers

So my question is, in your opinion, should I also move the Spring Social stuff to the auth-server too, or should I just keep it in the web app where it is now.

Thanks

Mark

[bytor99999]

I wish there was a delete to remove a forum post that well, it kind of pointless or shouldn't have been posted.

After quick thought, I really think moving the Spring Social code I have to the auth-server is the best idea, because it will allow a central place for all web apps and other apps we have to use the same code and authenticate once in one place. Kind of a SSO.

Thanks for reading

Mark