Reputation: 623
Token based authentication and authorization with ratpack and pac4j
I've used to securing rest api with spring security + spring session. This way allows me to auth client and generate his own session token which includes in every further request in header or cookie instead of login and password. I want to use this approach for ratpack + pac4j but I can't find any examples or documentation. Can anyone help me?
Upvotes: 2
Views: 1863
Answers (1)
Reputation: 879
See official docs on pac4j integration (unfortunately, it's scanty). Also you can use official example project on Github.
More precisely, use CookieClient for cookie-based auth and HeaderClient for header-based auth from pac4j-http module. Example project doesn't show usage of this clients, but their use is similar to other client from http module, like FormClient.
Upvotes: 2
Related Questions
- Why is it common to put CSRF prevention tokens in cookies?
- Authentication versus Authorization
- RESTful Authentication via Spring
- How Spring Security Filter Chain works
- What is token-based authentication?
- Spring Security - Token based API auth & user/password authentication
- Spring Security Token based Authentication
- Spring boot REST token authorization and authentication best practices
- Spring Security for URL with permitAll() and expired Auth Token