Note: I’ve done a fair amount of research so far, including reading Spring Security in Axon and its preceding posts & issues linked therein.
We’re going to need to secure our domain instances using Spring Security. Can anyone point me to either an example where Spring Security is being used to authenticate commands and queries against particular aggregates, or advise me on best practices to configure this?
I suspect that likely integration points might be
CommandInterceptor, etc, but Spring Security in Axon concludes with a suggestion about
CorrelationDataProvider. That article is quite old (2015), so I’m not sure what has changed in the latest version of Axon.
Any advice would be appreciated. Thanks!