Develop authentication for user's before accessing RESTful Web Services
Question
I'm developing a set of RESTful Web Services in Spring framework for my application. I'd like to authenticate a user before he has access to these services. I have a set of user passwords and ID's encrypted and stored in a database and would like to know how can i authenticate a user before he can access the services. I did look into OAuth2 provided by Spring Security but i'm unsure whether that can be used to authenticate against a database in local.
Note: I'm not looking at the basic authentication where we pass the id and password in the url everytime. I'm looking at a one time authentication by comparing the values with database and to generate a session for the user which is good for about 10-20 minutes. Any help with the solutions is appreciated.
1 answers
solution1
0 ACCPTED 2018-01-30 05:31:16
Spring security does exactly this. You plug in an authentication provider, which authenticates a user based on your requirement - ldap, sql, oauth, saml etc. and for the subsequent requests, the user will not need to provide the credentials again until the session expires. Now there are multiple ways to store session details on the client side. You can do it through cookie or token based on your requirement.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.