November 2017
Intermediate to advanced
420 pages
10h 29m
English
Content preview from RESTful Java Web Services - Third Edition
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Using JWT to secure RESTful services
We will now see how to secure RESTful services using JWT. Let's take the HR service developed in the previous chapter for this purpose. For illustration purposes, we will be abstracting the authentication as part of HRService. In a real-life scenario, the authentication service will be deployed in a separate server. The authentication function will validate the user credentials and respond back with the JWT token for valid users; otherwise, it sends an unauthorized status in response, as follows:
/** * Performs authentication of the user and generates JWT Token * * @return JWT Token in the Response */ @POST @Path("/login") @Consumes(APPLICATION_FORM_URLENCODED) public Response authenticateUser(@FormParam("login") ...