Java EE notebook
  • Introduction
  • /web-customer-tracker
  • Web Service
  • AOP
  • Web Server2(Spring REST)
  • Security
  • Json
  • Web Server VS Application Server VS Web Containers
  • different between Servlet & JSP2
  • DI
  • 0
  • 1annotation inversion of control, bean scope
  • 2 annotation dependency injection
  • 3 annotation bean scope, java code config
  • 4 Spring MVC
  • rest web services
  • Spring-Hibernate0
  • Spring-Hibernate1
  • @ManyToMany
  • spring mvc work flow
  • Spring Security
  • JWT
  • @Autowired
  • Jersey REST Service
  • Spring Bean
Powered by GitBook
On this page
  • 1. CSRF
  • 2. authorization VS authentication
  • 3 OAuth2
  • 4. CORS

Was this helpful?

Security

1. CSRF

Cross-Site Request Forgery (CSRF)

HTTPS does nothing to defend against CSRF.

2. authorization VS authentication

authorization: what you can do

authentication: who you are

3 OAuth2

OAuth (Open authorization) is an open standard for token-based authentication and authorization on the Internet.

OAuth 2 provides users with the ability to grant third-party access to web resources without sharing a password.

4. CORS

PreviousWeb Server2(Spring REST)NextJson

Last updated 5 years ago

Was this helpful?