Spring Security Token Authentication - RESTful JSON Service

Question

I\'m looking to use Spring Security for a Spring MVC application which will strictly be a JSON web service. I\'ve done some research and read a few articles but haven\'t really

Answer 1

In my case I found it easier to replace the org.springframework.security.web.context.SecurityContextRepository in org.springframework.security.web.context.SecurityContextPersistenceFilter with an implementation that shares the SecurityContext among several tomcat nodes. The client keeps sending a token jsessionid-like but I can do a simple round-robin load balancing and don't have to worry about session replication.