开发者

specific user data using Spring 3 REST

I'm trying to find the standard way to handle user authentication in a RESTful webservice using spring.

i want to allow a LOGGED IN user to access only specific information that applies to him.

i found 2 ways of doing that:

  1. using HandlerInterceptorAdapter i can take the HttpServletResponse and from it i can take the session. in the session i can save the user 开发者_如何学Cand that way i can know if he's logged in and if i can deliver him the data he's requesting.
  2. i can create tables in my database that'll contain tokens. when a user logs in he'll receive a token. he'll have to provide that token every time he asks for any information.

what is the standard way of doing that ?

thanks !


You should look at Spring Security

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜