2

Here is how simple REST authentication would work:

  1. client connects to REST login endpoint and sends name\password;
  2. server sends 200 OK and some token;
  3. client keeps the token;
  4. client adds the token to every next request to the REST APIs.

However, If you implement the REST API service with Spring, you must not use http.formLogin() from Spring Security as it uses form based login (you will 302 redirects etc). Seems there is no straightforward and simplified way of implementing REST API authentication with Spring Security.

There are many good will advices but what's needed is a working standalone example as in the Spring Getting Started with Spring Boot that one can download, build and run.

https://spring.io/guides/gs/securing-web/is using UI. We need an example for a REST only microservice, without any UI.

Can anyone please share a link to a ZIP containing such standalone Spring project, using Spring Boot, Spring Security and demonstrated REST endpoint authentication? (the sender will immediately become a hero :-)

chaoluo
  • 2,596
  • 1
  • 17
  • 29
Roy
  • 139
  • 3
  • 11
  • 2
    Go to [start.spring.io](http://start.spring.io/) and create a project with boot, security and OAuth 2. Then implement the `Resource Owner Password Credentials` flow and done! – Ali Dehghani Dec 23 '16 at 09:34
  • Thanks Ali. it sounds good but could you please be a bit more specific on what to put in the fields? First time of using it. The search bar gave "Cloud OAuth2, Cloud Bootstrap, Security". Also, what do you mean by " implement the Resource Owner Password Credentials flow"? thanks! – Roy Dec 23 '16 at 14:14

0 Answers0