Storing credentials in a REST environment

This recipe presents a solution for storing credentials in RESTful applications.

Getting ready

The solution is a compromise between temporary client-side storage and permanent server-side storage.

On the client side, HTML5 session storage temporarily holds the username and password, encoded in Base64 (an encoding, not encryption). On the server side, only password hashes are stored. These hashes are created with a passwordEncoder, which is registered in Spring Security, autowired, and used in the UserDetailsService implementation.
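The flow described above, as an added sketch that is not the book's code. It assumes the Base64 value is sent as an HTTP Basic `Authorization` header, uses a `Map` in place of `window.sessionStorage` so it runs under Node, and uses Node's scrypt in place of Spring Security's passwordEncoder; all function names are hypothetical.

```javascript
const crypto = require('crypto');

// Assumption: a Map stands in for the browser's window.sessionStorage.
const sessionStore = new Map();

// Client side (hypothetical helper): keep "user:password" Base64-encoded for the session.
function storeCredentials(username, password) {
  const token = Buffer.from(`${username}:${password}`, 'utf8').toString('base64');
  sessionStore.set('authorization', token);
  return token;
}

function authHeader() {
  return { Authorization: `Basic ${sessionStore.get('authorization')}` };
}

// Server side: persist only salt and hash (scrypt here, standing in for passwordEncoder).
function hashPassword(password) {
  const salt = crypto.randomBytes(16);
  const hash = crypto.scryptSync(password, salt, 32);
  return `${salt.toString('hex')}:${hash.toString('hex')}`;
}

function verifyPassword(password, stored) {
  const [saltHex, hashHex] = stored.split(':');
  const expected = Buffer.from(hashHex, 'hex');
  const actual = crypto.scryptSync(password, Buffer.from(saltHex, 'hex'), expected.length);
  return crypto.timingSafeEqual(actual, expected); // constant-time comparison
}

// Server side: decode the header and check the password against the stored hash.
function authenticate(headers, userTable) {
  const value = headers.Authorization || '';
  if (!value.startsWith('Basic ')) return false;
  const decoded = Buffer.from(value.slice(6), 'base64').toString('utf8');
  const sep = decoded.indexOf(':'); // split on the first colon; passwords may contain ':'
  if (sep < 0) return false;
  const stored = userTable.get(decoded.slice(0, sep));
  return stored ? verifyPassword(decoded.slice(sep + 1), stored) : false;
}

// Constructed sample user and password, for illustration only.
const users = new Map([['alice', hashPassword('s3cret:pass')]]);
storeCredentials('alice', 's3cret:pass');
```

Decoding the stored token returns the plaintext password, so any script able to read session storage has the credentials; the server-side table never holds them.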

How to do it...

Client side (AngularJS)

  1. We have made use of the HTML5 sessionStorage attribute. The main change has been the creation of a httpAuth factory. Presented in the ...
