HTML5移动应用安全
[英]HTML5 mobile app security
问题描述
I'm developing a html5+jquery+phonegap application. 
我正在开发一个HTML5 +的jQuery + PhoneGap的应用。 Server side is written in java and Spring MVC.And I hope to implement an authentication model as follows. 服务器端是用Java和Spring MVC编写的,我希望实现以下身份验证模型。
- client signs up using his email which would be used as his userID. 客户使用他的电子邮件注册,该电子邮件将用作他的用户ID。
- A token is sent to his email. 令牌已发送到他的电子邮件。
- He is given a screen to enter the token. 屏幕上将显示输入令牌的画面。
- That token is stored in the local storage of the client. 该令牌存储在客户端的本地存储中。
- everytime the client calls a webservice, his userID and token is sent by the app over https. 每次客户端调用Web服务时,应用程序都会通过https发送其用户ID和令牌。
- Server authenticates him and responds. 服务器对他进行身份验证并做出响应。
What are the options available to implment this kind of security from the server side? 什么是可供implment这种安全的从服务器端的选项? can Spring-security be used in this way? 可以以这种方式使用Spring-security吗? I tried to find any implmentation with Spring-security, but couldn't find any implmentation other than basic authentication. 我试图找到Spring-security的任何实现,但是除了基本身份验证之外,找不到任何实现。
1 个解决方案
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.