0

In my Spring application I am using both: controller and service layer. I am redirecting my JSP with the controller. In service layer I written services using jax-RS. I secured my web services with Spring security using token based approach. I am trying to implement

1.Same API's in mobile devices (Stateless)

2.Web application Same API and controller I already defined in application

3.Web :Remember Me . Token based. What is standard practice?

Can I achieve it in single application for web with REST services? Or I need to separate controller and JSP from application. i.e. Two seperate application

1.Spring MVC web Application: controller and JSP. Consumes REST services.

  1. Jersey Application : only services.No controller,No JSP

  2. Android Mobile App: consumes REST services.

Meiko Rachimow
  • 4,664
  • 2
  • 25
  • 43
Prashant Thorat
  • 1,752
  • 11
  • 33
  • 54

1 Answers1

0

It is possible to implement the JSON-API and the web application in the same application. To do this, you don't need to use Jersey AND Spring MVC. One of the frameworks would be enough.

This article explains, how to implement a JSON-API (or rather a REST API) with Spring: Building a RESTful Web Service

And in this part of the Jersey documentation is explained, how you can use Jersey to create HTML with JSP or other template languages: Chapter 20. MVC Templates

The integration of both frameworks is possible too: How to integrate Jersey in a Spring MVC application

So it is up to you, which approach you use.

Maybe another possibility could match your requirements: You could implement the business logic and persistence in a separate library and use it in both projects. This library could use Spring Dependency Injection, Spring Persistence and so on. Here is the part in the Jersey documentation, which would help you to integrate this library in Jersey: Spring DI If you choose this approach, I recommend you to create a Maven multi-module project with the 3 parts (business, web, api) as separate modules.

To the second part of your question, how to implement a token based "remember me" (more precisely a session). In a web application it is common to use Cookies for that. How to implement this in Jersey, can be found here, where the class HttpSession is used. If you want it more RESTful (stateless) for your JSON-API, you have to send the credentials (maybe a hashed password) in every request. For more options I recommend this article: RESTful Authentication And take a look at this part of the jersey documentation: Security or this article Spring Security and Angular JS.

Community
  • 1
  • 1
Meiko Rachimow
  • 4,664
  • 2
  • 25
  • 43
  • Yes I got it.But how stateless and state full in same application. In case of remember me .I don't want session its stateless approach. In case of remember me is not checked I want session if user is ideal for 20 minutes ,session will get expired – Prashant Thorat Mar 28 '16 at 07:56
  • it depends on your preferred approach. What is your choice? – Meiko Rachimow Mar 28 '16 at 18:21