Implementing Login for a Web Application Using an Authenticated REST Service

Perhaps my question is not clear, I am trying to explain:

I have implemented an authenticated REST service using Spring MVC + Spring Security. I have configured Digest Authentication , so I need to include credentials in every service request.

Now I need to implement a web client for this service. In a classic web application, I could implement a simple login form setting up FORM auhtentication, but in this situation, I don't know what the usual approach is to apply.

Since all requests require authentication, which resource should I call from a hypothetical login form? Do I have to implement a dedicated "login resource" to achieve this (ex:) /my-service/login

?

UPDATE : my idea is to authenticate users on first access and then store credentials on the client side to send them on every request. So I have to figure out a way to validate the user's credentials on the first request. Is there a standard way to implement this?

+3


source to share


1 answer


No login required, all requests include basic auth headers (username and pwd). Make sure basic authentication is enabled in spring security config.



<http use-expressions="false">
<intercept-url pattern="/**" access="ROLE_USER" />
<http-basic />
</http>

      

0


source







All Articles