java - Securing ReST calls from same application -


i built rest service using jersey in custom java web application, spring not used. want use service data jquery ajax calls jsp.

i have service working, , jquery ajax calls working. need secure service such users of application can call service. don't want user able copy ajax url , later, other computer, call service directly.

i think can done in same way might have done handling session jsp pages. make rest service url session protected way jsp page protected.


Comments

Post a Comment

Popular posts from this blog

Java sticky instances of class com.mysql.jdbc.Field aggregating -

i noticed (via jmap+jhat) app leaking storing many instances com.mysql.jdbc.field  class - double checked code make sure closing preparedstatements, find few missing didn't change outcome. - preparedstatement created , closed right away - several others created @ start , reused many times - using org.apache.tomcat.jdbc.pool.datasource connection pool what can cause type of behavior? are closing of preparedstatements / result sets using: preparedstatement stmt (possible assignment here); try { // work prepared statement resultset rs; try { while (rs.next()) ... // process results } { rs.close(); } } { stmt.close(); } so guarantee result sets closed when finished (regardless of exceptions) , statements closed (regardless of exceptions)? there other ways write that, idea same. if you're doing of properly, unless have many references it's taking inordinate amount of memory, it's ok , nothing needs done it.
Read more