Reputation: 31
Spring Security for RESTful webservice
I am developing a RESTful web service as a back-end layer for mobile application. This service receives combination of device id (as user id) an a pin (as password), and passes to another back-end service, that validates and returns the status of successful login along the user information, in case, the user is authorized. My service is not validating the user. And mobile sends sub sequent requests to my RESTful service.
So, please suggest, how can I make all this system(especially the RESTful) secured, using Spring security.
I am using a Tomcat server, Spring and Jersey
Upvotes: 0
Views: 52
Answers (1)
Reputation: 317
I recently implemented a method to secure my existing RESTful APIs in Spring. I have used a token based authentication model using OAuth2. In my project, I wanted to secure my API's in a way that every request is individually authenticated and authorised based on the token present in the header. If this is something you are looking for, then I would highly recommend you to take a look at the documentation here. If there is anything you are stuck at while implementing it. Please do let me know.
Also, you can find multiple projects for Spring and OAuth here
Upvotes: 0
Related Questions
- What's the difference between REST & RESTful
- What's the difference between @Component, @Repository & @Service annotations in Spring?
- How to configure port for a Spring Boot application
- HTTP response code for POST when resource already exists
- Why is char[] preferred over String for passwords?
- What exactly is RESTful programming?
- Posting a File and Associated Data to a RESTful WebService preferably as JSON
- RESTful URL design for search
- RESTful Authentication
- How should I ethically approach user password storage for later plaintext retrieval?