What I think is a good read is this post http://www.jamesward.com/2013/05/13/securing-single-page-apps-and-rest-services . This gives an advice how to setup your app. And there is a reference to a app form github.
W dniu niedziela, 13 października 2013 12:01:43 UTC+2 użytkownik Tob napisał: > > I am in same scenario as yours. I am on .net technology, any idea ? All > visible code in .js file, is not really secure. > Thanks for you advices > > Le jeudi 26 juillet 2012 01:05:57 UTC+2, wieslaw a écrit : >> >> Hi, >> I am new to AngularJs, and I was wondering how could integrate it with my >> app, >> which Is a Jsp/Stripes/Spring/Spring security/Hibernate project. >> I know that the problem of security was mentioned in the group but I did >> not find answer which was good for me. >> >> I just wonder, what is the best way to secure the app using spring >> security on the client side? >> Does it have any sense at all? >> >> I don't want to give the users the possibility to see what other >> services could be available for just by reading the *.js files. >> When AngularJs comes in, the only way to filter out the code which I >> don't want user to see, is to wrap <sec:authorize access="> tag in the JSP >> file. >> Which I suppose is not the AngularJs idea for writing application. >> Its hard for me to imagine a good solution without implementing any >> security based filter for the java script *.js files >> which will filter out controllers and services/url by some annotations in >> the js files. >> Any idea where I should look/read? >> >> Thanks >> Wieslaw >> > -- You received this message because you are subscribed to the Google Groups "AngularJS" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/angular. For more options, visit https://groups.google.com/groups/opt_out.
