Android客户端和Grails RESTful服务的用户登录架构
[英]User login architecture for Android client and Grails RESTful services
问题描述
Unfortunately I haven't any tried and tested code for this, simply because I think there may be various ways to do this, but I am simply looking advice on which is best, as security and authentication is not my strong point. 
不幸的是,我没有经过任何尝试和测试的代码,仅仅是因为我认为可能有多种方法来执行此操作,但是我只是在寻找最佳方法的建议,因为安全性和身份验证不是我的强项。
I wish to have initially 2 clients - an android app and a grails based web client, both hitting grails RESTful web services. 我希望最初有2个客户端-一个Android应用程序和一个基于grails的Web客户端,两者都可以实现grails RESTful Web服务。 I have REST resources currently returning some data from the domain when using the web client, next step is to get the same data back into the android app. 我有REST资源,目前在使用网络客户端时会从域中返回一些数据,下一步是将相同数据返回到android应用中。 At the same time I want to integrate some user authentication so that the user must be logged in in order to receive back this JSON data from the REST layer. 同时,我想集成一些用户身份验证,以便必须登录用户才能从REST层接收回JSON数据。
In the past I have used Apache Shiro when creating a grails app when only using the grails web based client, is it possible to do the same with an android ap as the client? 过去,当仅使用基于grails网络的客户端时,我在创建grails应用程序时使用过Apache Shiro,是否可以使用android ap作为客户端来做同样的事情?
1 个解决方案
解决方案1
0 2014-09-08 08:33:40
In my Grails project with web/android front-ends I'm using for android auth a slightly extended version of SPRING_SECURITY_REMEMBER_ME token (yes, I'm using spring-security-core ++ plugin). 在我的带有Web / android前端的Grails项目中,我正在为android auth使用SPRING_SECURITY_REMEMBER_ME令牌的稍微扩展的版本(是的,我正在使用spring-security-core ++插件)。 This fits well in the application, is an easy to implement, tried and tested solution. 这非常适合应用程序,是一个易于实施,尝试和测试的解决方案。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.