Reputation: 181
Spring 3 REST android user authentication
I searched similar question here. Couldn't found one, so please excuse if this is duplicate.
I am writing a RESTful webservice using Spring 3.0.5. There will be few REST services which requires user authentication to update few database tables. Our system has USER table, so the authentication should happen against this table. The client is Android devices. The REST request/responses will be XML (not JSON or HTML). Now I have to implement security for the requests. I did search in forums/mailing list, but not able to find a solution for this. Any guide/ideas would be greatly appreciated. Thanks in advance.
Upvotes: 0
Views: 534
Answers (1)
Reputation: 3608
I suspect you'll need to add username and pw to the payload of your rest methods and have the client collect and pass those along.
If you do, you'll need to consider security implications. Encrypting the pw collected from the user and decrypt in your service before passing along or maybe you'd consider simply requiring SSL connection to be sufficient.
Also, you want to make sure youre using POST and not GET to connect to the service as that would expose the username and pw stuff in the url.
Upvotes: 1
Related Questions
- Making authenticated POST requests with Spring RestTemplate for Android
- How to use RESTful with Basic Authentication in Spring Boot
- Spring boot Restful API: Simple authentication
- Spring Rest authentication
- Authentification from Android Device against Spring Security Rest API
- Spring REST, user ressource and password
- Spring authentication through REST Service
- REST Authentication
- Handling Authentication using restful web service in android
- User Authentication using REST