David Newton wrote:What's a "web pg"?
you can only access those pages if you're logged in, you're already done. If the web services are available externally, then you'd just need to pass something around, like a session token, and keep it in the web session.
Yep, I read that. But thats the doubt. Basically, this is what I want to implement.
So say for example I have a login page. The user enters the credentials (username/passwd).
I authenticate/validate the user.
Now user has access to various webpages. say account.html
1. after authentication, everything should be over https protocol.
2. The javascripts in account.html (for example) generating the service requests should be over https protocol.
3. Further, when the request like GET /accounts is generated it should go over https and the receiving endpoint should authenticate the user/request.
are there any pointers/tutorials you know ... i am not sure about doing https over spring. just started with it. May be there are better ideas or frameworks to implement the same.