保护REST服务和Web应用程序的最佳方法
[英]Best approach for securing REST services and a web application
问题描述
I´m building a web application which comunicates server and clients through REST services (I´m planning to build a mobile app in mid term). 
我正在构建一个通过REST服务将服务器和客户端通信的Web应用程序(我计划在中期构建一个移动应用程序)。
I´ve used Spring Security in other web applications without REST services. 我在没有REST服务的其他Web应用程序中使用过Spring Security。 But I´m not sure if that approach is suitable for my scenario. 但是我不确定这种方法是否适合我的情况。
Is it possible secure both access to web pages and calls to REST services using Spring Security? 使用Spring Security是否可以安全地访问网页和调用REST服务? What would you recommend? 你会推荐什么?
Backend uses Spring Data + Spring MVC. 后端使用Spring Data + Spring MVC。
Thank you. 谢谢。
1 个解决方案
解决方案1
1 已采纳
Yes, Spring Security is a good way to secure both REST endpoints and traditional MVC webpages. 是的,Spring Security是保护REST端点和传统MVC网页的好方法。 The implementation can be similar for both your REST endpoints and MVC routes depending on your requirements. 根据您的要求,REST端点和MVC路由的实现可能相似。
Spring Security is a popular and effective way to add security to your Spring application. Spring Security是向Spring应用程序添加安全性的一种流行且有效的方法。 Since you already have experience with it, you should be able to secure your REST endpoints with relative ease. 由于您已经有使用它的经验,因此您应该能够相对轻松地保护REST端点。
Check out this detailed tutorial on securing REST routes with Spring Security to get started: https://spring.io/guides/tutorials/rest/5/ 查看有关使用Spring Security保护REST路由的详细教程,以开始使用: https : //spring.io/guides/tutorials/rest/5/
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.