Spring RESTful Web Service and Android Authentication
Question
I have the following Spring Security configuration.
@Override
protected void configure(HttpSecurity http) throws Exception
{
http
.authorizeRequests()
.antMatchers("/admin/**").hasRole("ADMIN")
.anyRequest().authenticated()
.and()
.formLogin()
.loginPage("/login")
.permitAll()
.and()
.logout()
.logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
.permitAll();
}
It works fine, but I want to have Android client application, that uses REST API. When I'm using API in Android app redirects me to web login page. This is desirable behaviour, but only in web app.
I have roles like Speditor, Accountant, Driver etc. All of them, except Driver, should be able to login in web application. On android I want to have separate login, that authenticates only users with a Driver role.
The problem is that I don't know how to separate these authentications, so that both applications (Web and Android) can use the same API. Can you give me some advice?
1 answers
solution1
0 2018-11-05 13:33:26
I had the same situation, with some differences. In my case, I separate in 3 clients, like the image below:
But, in my case, I have the same authentication for the three users/password. I think there is a way to do what you trying, but, you can start looking at how to authenticate with different clients.
Sorry for the English, I'm not a native Speaker, so I'm working on it.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.