All geek questions in one place

How can I archive a Kerberize AngularJS application using the JBoss API

I have a great AngularJS application that uses the RESTful JBoss API (WildFly 8) to retrieve data. To integrate it into my corporate environment, Kerberos authentication is required for this. I see miles of documents and examples, and even some individual recommendations from an internal Java developer. My problem now, where in the architecture can / should Kerberization happen?

Is this when entering the AngularJS application? As if permission is not allowed?

Or am I challenging every API call? If so, how do I pass the Kerberos client ticket information into the API call?

If my question sounds scattered or naive, it is. This is my first interaction with Kerberos.

Help evaluate, thanks.

+4
source share
2 answers

I ran into the same problem / call with the PHP REST API on an Apache web server with Kerberos auth.

Since Angular is a pure client side, each request is executed as “you” in Kerberos terms, so you do not need to send a ticket. Your browser is already sending a ticket when a request is made.

I created an API endpoint for logging in (or checking the logon) in my PHP API, which is called before every locationChange in Angular. If the login action returns false or nothing at all, you are redirected to the access_denied.html page located next to index.html (Angular).

REST , .

( ) API.

web-, ;)

+2

jboss api, , java- php httpd , jboss :

https://github.com/dstraub/spnego-wildfly

, , tomcat, jboss wildfly ()... , ... front Angular JS API java

0

Source: https://habr.com/ru/post/1533186/

More articles:


All Articles