java - Session management -
i developing case management application.i have created login page , landing page other pages well. have used spring mvc 4,oracle database.
a used logged application , went admin page.copy admin page url ,logout application.when user directly copy , paste admin page url user user able open page.how can restrict user. when user perform crud operation how can validate user's credentials every time.
please suggest.
if using spring framework, best practice case can implement integrate spring security.
regarding session handling within system, might use jwt tokens allows control user flow easily. can read this complete tutorial.
Comments
Post a Comment