0

We are planning to have multiple client views/UIs (E.g. Customer facing UI and Internal UI) on one (same) set of web services which perform end-to-end operation needed for both views/UIs including login. I am assuming this is possible with minor modifications to the out of the box code generated by Jhipster. Mainly around ..

 - enabling CSRF
 - changing WebConfigurator, ???
 - decoupling web services from UI into separate wars/apps
 - pointing to the new web services url in the client side
 - ???

I would like to know experts opinion on achieving the same, and kind of changes and effort involved.

Sudheer
  • 479
  • 1
  • 4
  • 9

1 Answers1

0
  • CSRF will work with JHipster 2, be careful as currently Spring Security and AngularJS don't use the same CSRF cookie (and thus, don't work!)
  • I would limit the URL access, maybe by IP adress, either in the Spring Security configuration or per endpoint (by adding security annotations per endpoint)
Julien Dubois
  • 3,678
  • 1
  • 20
  • 22
  • Thanks for the inputs Julien. In the second point hope you are referring to accessing rest endpoints from external/seperated UI. Also can you comment on **decoupling web services from UI into separate wars/apps** – Sudheer Dec 31 '14 at 09:26