Sometime, you have to host the API inside the same project where you serve your HTML pagesOr probably a more usual case which may happen when you use JQuery with a framework like Spring MVC, the web pages are protected with a login form but you have also some URLs used by Ajax requests coming… Continue reading Securing Ajax endpoints inside a Web project with Spring Security
Category: Security
Implementing CSRF protection with Angular-js
After 2 articles on the security, I continue with the set up of the CSRF protection using Spring security. The main idea behind is to prevent some one else to create (forge) a request without our authorization. Imagine that a page uses JavaScript to send something like https://my.bank.com/pay/15000/cayman_account, if you are connected to your bank… Continue reading Implementing CSRF protection with Angular-js
Angular-js and Restful web services access
Following my previous article about the integration of Spring Security with web services, I will now explain how I integrate it with an Angular-js project. For that purpose, I am a little bit lazy and I use a project I already written instead of building a completely new one. The project is a “funny” pet-store… Continue reading Angular-js and Restful web services access
Securing Restful web services using Spring-Security
After several months of silent, I woke up… With some security interests! The security is a common requirement on many web projects, and fortunately, Spring helps us to implement it. The most common way to do it is just defining a set of rules and letting Spring manage the login and so on. In this… Continue reading Securing Restful web services using Spring-Security