• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Bear Bibeault
  • Paul Clapham
  • Jeanne Boyarsky
  • Knute Snortum
Sheriffs:
  • Liutauras Vilda
  • Tim Cooke
  • Junilu Lacar
Saloon Keepers:
  • Ron McLeod
  • Stephan van Hulst
  • Tim Moores
  • Tim Holloway
  • Carey Brown
Bartenders:
  • Joe Ess
  • salvin francis
  • fred rosenberger

Best practice for user authentication

 
Ranch Hand
Posts: 36
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
About to implement a solution which allows a user to login/register from a JSP page OR from an Android client. We will be using REST exclusively.
What I plan on doing is as follows.
User Registers, causing a user token (name/pwd) to be POSTED to my REST service. This will be persisted and an Auth token created for this user and the username,pwd and Auth token will all be persisted.
The Auth token is then returned to the user and sent back with any further REST calls.
The token will expire after say 2 weeks.
On further logins a user/pwd will be sent to the REST service and checked against the persisted version.
Is this a good way to go about authentication ? Is there any frameworks that handle this sort of functionality as it is common to almost all client server apps?
Thanks ..
 
She's out of the country right now, toppling an unauthorized dictatorship. Please leave a message with this tiny ad:
Java file APIs (DOC, XLS, PDF, and many more)
https://products.aspose.com/total/java
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!