Results 1 to 2 of 2

Thread: Implementing token based auth for RESTful service API

  1. Sep 2nd, 2011, 08:56 AM #1
    fedotxxl
    fedotxxl is offline Junior Member
    Join Date
    Jan 2011
    Posts
    11

    Default Implementing token based auth for RESTful service API

    Hello

    I would like to create the following API:
    /api-login - logins user and returns token
    /api/{token}/add - add user's item

    Am I able to define 2 different Spring Security configurations - main security config and API security config? The problem is that after login Spring Security gets login information from session. This is correct for main security area but not for API
    Reply With Quote Reply With Quote
  2. Nov 1st, 2011, 05:22 AM #2
    Fishbeast
    Fishbeast is offline Junior Member
    Join Date
    Jul 2009
    Posts
    15

    Default

    you could implement a spring security filter at position "PRE_AUTH_FILTER" that checks if the token is present in a http-header. (eg. in J_SESSIONID). this way the browsers understands it too.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules