Storing credentials in a REST environment

This recipe presents a solution for storing credentials in RESTful applications.

Getting ready

The solution is a compromise between temporary client-side storage and permanent server-side storage.

On the client side, we are using HTML5 session storage to store temporarily the usernames and passwords encoded in base 64. On the server side, only hashes are stored for passwords. Those hashes are created with passwordEncoder. This passwordEncoder is registered in Spring Security, autowired, and used in the UserDetailsService implementation.

How to do it...

Client side (AngularJS)

  1. We have made use of the HTML5 sessionStorage attribute. The main change has been the creation of a httpAuth factory. Presented in the ...

Get Spring MVC Cookbook now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.