All geek questions in one place

AngularJS + Jersey RESTful: Authentication and Authorization

I am creating an AngularJS web application that uses Jersey as a provider of RESTful ws. I want users to be able to log in and perform only certain operations. Should I use OAuth for this? I saw people often mention OAuth in the context of giving third parties access to data in your backend owned by some users (for example, to log in to Facebook), but in this case it will be just me, my third-party call is my backend.

I used to do this using JSF and CDI, but I decided to switch to Angular, so now my backend and interface are not β€œglued”, as it was before. Should I use OAuth for this use case? Is there a better way to do this?

+4
source share
1 answer

If you want to have a loosely coupled API that can be used from other interfaces and / or services, OAuth is definitely a way, in my opinion. It can also save you a lot of headaches in a cross-domain domain (IE9 does not allow cookies, authentication, etc., for example, to include in cross-domain requests).

If you are absolutely sure that this will be your own interface, I would consider placing the API in the same web application that would solve authentication using the same interface as the external interface.

0
source

Source: https://habr.com/ru/post/1493421/

More articles:


All Articles