问题
I am about to implement security for my RESTful services based on the Spring framework. Actually, I have never secured RESTful WS before, but I've got myself a good introduction here. Basically, Amazon S3 or even OAuth are suggested as good examples.
My questions:
- Does the Spring framework provide these strategies out-of-the-box?
- If yes: Is it Spring security that implements these strategies?
- If no: How would you suggest to implement these strategies (OAuth ...) with Spring?
Thanks in advance for any suggestion.
Er
回答1:
It is definitely Spring Security that you're looking for. It provides an excellent way of securing the invocations of your RESTful spring-mvc controllers.
oAuth is in the business of federated authorization, which is what you need when you're building an application that requires its users to give your application permission to access a portion of their private data that lives in the cloud, e.g their gmail contacts or their Google Calendar.
来源:https://stackoverflow.com/questions/3172822/any-spring-framework-support-for-rest-security