0

I have the following architecture:

front-end = AngularJS back-end = Java EE7/REST-API

Both are deployed on Wildfly 8.2 using Undertow as application server.

My first question is regarding the authentication mechanism:

  1. Should I use form based authentication and having a web.xml that protect my pages with security constraint ? same for REST-API, they will be protected by a security constraint. I can have then a j_security_check with j_username and j_password on a simple login page. On server side, I can do a JAAS login then.

  2. Should I use JSON token authentication, so login and logout will use REST web services and generate some access token, those tokens will be saved into a database with a specific time-limit.

That is all regarding security.

Now I am talking about the $scope object in Angular, as you know it will disappear on Angular 2.0, so I am trying to avoid it as much as possible but then how to replace these:

  • $scope.$apply()
  • $rootScope
  • $broadcast

I know that Angular 2.0 encourage web components development with directives as controllers but I have no idea how to replace these specific objets.

Thank you for your help !

Improve this question
2
  • check my test project on github, there is user registration and authorizasion, and roles, and REST, and Angular github.com/dimylik/my_money_flow Commented Jun 1, 2015 at 10:55
  • Your template is Spring based: This is a template for a web application that uses Spring MVC, Spring Security, MongoDB, AngularJS. I am using Java EE 7 and Wildfly. Commented Jun 1, 2015 at 10:56

1 Answer 1

Reset to default
1

Security:

Let me ask you this in a different way. Is your back end going to be

a) Web layer for all the front end applications b) API layer that has consumers outside of web pages.

If you answered a) Then you may probably go for form based/container based security.

If you answered b) Then you may think of token based authentication

Angular $scope

Try to follow some common style guide like https://github.com/johnpapa/angular-styleguide#controllers. This might not be a complete solution but will help you avoid $scope.

BTW: Here is my generator that is based on the style-guide that can help you getting the code cleaner and have best practices. http://reflexdemon.github.io/slush-angular-gulp/

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

In fact it can be both, my REST web services will be used by the front end application BUT can be used for other external applications in the future.
Thx for the style-guide, it really helps !

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.