Hi Guys,
I'm so confused about how should I go about securing my spray application. The reason I'm using Spray over Play is because I've got a Single page application and thought Spray would be easier to work with.
I need
- User and Password authentication - Encrypt the username and password while communicating it with the server or whatever to make the whole thing secure.
- Session management - Only logout user if inactive for certain time.
- Oauth2 authentication for some routes
- Social network authentication - I can easily implement this if I can figure out a way to send the access_token provided by social networks securely over to the server.
Where should I start? What should I do ? Please direct me as I'm very confused. I'm used to using Spring security and I'm very much lost in the Spray world.
I know there are these libraries
Please tell me where should I start ?
Thanks
Chel