Reputation: 135
What is the best way to send a password from the front end to the back end when using REST-based web services? Is sending the password in encrypted form from the UI enough to make the process secure? Is it correct to pass parameters in request headers? If not, what is the best approach?
Thanks in advance
Upvotes: 2
Views: 2547
Reputation: 5353
There is no point encrypting a password from the UI; someone who wants to attack it can easily get your JavaScript source to get the key. If you use a hash, he can just send the same hash to the server.
Just put the password as is over an HTTPS connection and stay over SSL if you have a cookie with a session.
For the rest, I'll link what herrh has linked in his comment: Best Way to pass parameters from UI to backend
The answer of Endless is just the best you can have, and this is what is done on the SE sites.
Upvotes: 2
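Added example (not part of the answer above, and not code from any site it mentions): a Python sketch of why a hash computed in the UI simply becomes the password, next to the server-side salted hashing that sending the password as-is over HTTPS allows. The class and function names, the sample user and password, and the PBKDF2 iteration count are assumptions.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000  # assumed work factor for PBKDF2-HMAC-SHA256

def client_hash(password: str) -> str:
    """What a 'hash it in the browser' scheme would send instead of the password."""
    return hashlib.sha256(password.encode()).hexdigest()

class ClientHashBackend:
    """Server stores and compares whatever value the UI sends."""
    def __init__(self):
        self.users = {}
    def register(self, user, sent_value):
        self.users[user] = sent_value
    def login(self, user, sent_value):
        stored = self.users.get(user)
        return stored is not None and hmac.compare_digest(stored, sent_value)

class ServerHashBackend:
    """Password arrives as-is over HTTPS; the server salts and stretches it."""
    def __init__(self):
        self.users = {}
    def _derive(self, password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    def register(self, user, password):
        salt = os.urandom(16)  # unique per user
        self.users[user] = (salt, self._derive(password, salt))
    def login(self, user, password):
        record = self.users.get(user)
        if record is None:
            return False
        salt, stored = record
        return hmac.compare_digest(stored, self._derive(password, salt))

def demo():
    password = "correct horse battery staple"  # constructed sample value
    weak, strong = ClientHashBackend(), ServerHashBackend()
    weak.register("alice", client_hash(password))
    strong.register("alice", password)
    observed = weak.users["alice"]              # same value that travels on the wire
    stored_hex = strong.users["alice"][1].hex()  # what a database dump would show
    return {
        "weak_accepts_observed_value": weak.login("alice", observed),
        "strong_accepts_stored_value": strong.login("alice", stored_hex),
        "strong_accepts_password": strong.login("alice", password),
    }
```

In the first design the stored value and the login credential are the same string, so protecting the password depends entirely on the transport and the database; in the second, the stored value is useless as a login input.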
Reputation: 730
If it's a global application, I would say go ahead and pass the user ID and maintain an authorization layer to access any of the controllers. And if it's an application for a certain company or domain, try using ADFS for authentication and authorization.
Upvotes: 0