HTML5 mobile app security

Question

I'm developing a html5+jquery+phonegap application. Server side is written in java and Spring MVC.And I hope to implement an authentication model as follows.

client signs up using his email which would be used as his userID.
A token is sent to his email.
He is given a screen to enter the token.
That token is stored in the local storage of the client.
everytime the client calls a webservice, his userID and token is sent by the app over https.
Server authenticates him and responds.

What are the options available to implment this kind of security from the server side? can Spring-security be used in this way? I tried to find any implmentation with Spring-security, but couldn't find any implmentation other than basic authentication.

score 0 · Accepted Answer · edited May 23 '17 at 12:12

0

You can use PreAuthenticationProcessingFilter to achieve this requirement, have a look similar case and spring security doc

edited May 23 '17 at 12:12

Community

1
1

answered Oct 25 '12 at 07:37

Jigar Parekh

6,163
7
44
64

I'm not that familiar with Spirng-security. But I'll give it a try. Thanks alot. – Maddy Oct 25 '12 at 07:43

HTML5 mobile app security

1 Answers1