0

I'm learning Web services. I have created an Rest API on local machine in eclipse. And the url looks like this http://localhost.com/Web/Test/Client

What It does is when I call this url as POST method with username and parameters in url's body, I get one token which I'm using somewhere else. Upto here its working fine. I pass username and password and I get a token once my API's code verifies the credentials coming in url's body.

So after that I read about security of Rest API so that no body could access my credentials which are coming with url. It says it needs to be converted into HTTPS from HTTP.

But I could not understand more how and where this security needs to be configured in my code. Do I need to write any code to achieve this or any settings are required ? I'm totally blank here.

Can anyone please help me to understand this and tell me what needs to be done to get HTTPS for my url ?

Javastudent
  • 29
  • 10

1 Answers1

0

What you need to do here is create a self signed certificate and configure channel security. I highly recommend you to use spring security framework to get this thing done. This article will help you.

To require HTTPS for the login page modify your security configuration by adding the following:

http.requiresChannel()
  .antMatchers("/login*").requiresSecure();
Ravindra Ranwala
  • 20,744
  • 6
  • 45
  • 63