How to secure a stateful REST-like backend with Spring Security. (WTF? Stateful REST? Don't ask.)

miroslav-matejovsky/spring-stateful-rest-security

spring-stateful-rest-security

How to secure a stateful REST-like backend with Spring Security. (WTF? Stateful REST? Just because.)

See sk.bsmk.controllers.SecurityIntegrationTest for details.

POST /rest/login

The only resource that is not protected by a CSRF token. After a successful login, the CSRF token is returned in the response headers.

GET /rest/secured

Resource accessible only with the correct CSRF token. After each request, a new CSRF token is generated and returned in the response headers (see sk.bsmk.security.CsrfTokenGeneratorFilter).

POST /rest/logout

The session is terminated.
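
One way a filter could enforce the scheme described for /rest/login and /rest/secured, as an added example that is not the repository's CsrfTokenGeneratorFilter. It assumes the javax.servlet API, an X-CSRF-TOKEN header name, and a hypothetical issue() hook that the login success handler also calls.

```java
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;
import javax.servlet.*;
import javax.servlet.http.*;
import org.springframework.web.filter.OncePerRequestFilter;
import org.springframework.web.util.WebUtils;

public class RotatingCsrfTokenFilter extends OncePerRequestFilter {
    // Added example. Assumed names: the README does not state the header or session attribute.
    static final String HEADER = "X-CSRF-TOKEN";
    static final String ATTR = RotatingCsrfTokenFilter.class.getName() + ".token";
    private static final SecureRandom RANDOM = new SecureRandom();
    // Store a fresh token in the session and return it in a header (hypothetical login hook).
    public static void issue(HttpSession session, HttpServletResponse res) {
        byte[] raw = new byte[32];
        RANDOM.nextBytes(raw);
        String token = Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
        session.setAttribute(ATTR, token);
        res.setHeader(HEADER, token);
    }
    @Override // POST /rest/login is the only resource exempt from the token check.
    protected boolean shouldNotFilter(HttpServletRequest req) {
        return "POST".equals(req.getMethod())
                && (req.getContextPath() + "/rest/login").equals(req.getRequestURI());
    }

    @Override
    protected void doFilterInternal(HttpServletRequest req, HttpServletResponse res,
            FilterChain chain) throws ServletException, IOException {
        HttpSession session = req.getSession(false);
        String sent = req.getHeader(HEADER);
        boolean valid = false;
        if (session != null && sent != null) {
            // Constant-time compare, then rotate under the session mutex: a token works once.
            synchronized (WebUtils.getSessionMutex(session)) {
                Object expected = session.getAttribute(ATTR);
                valid = expected instanceof String && MessageDigest.isEqual(
                        ((String) expected).getBytes(StandardCharsets.UTF_8),
                        sent.getBytes(StandardCharsets.UTF_8));
                if (valid) issue(session, res); // header set before the response is committed
            }
        }
        if (valid) chain.doFilter(req, res);
        else res.sendError(HttpServletResponse.SC_FORBIDDEN, "Missing or invalid CSRF token");
    }
}
```

Because every accepted request replaces the token, a client that sends two requests in parallel with the same token gets a 403 on the second one, so callers have to serialize requests and always read the token from the latest response.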
