When using AngularJS and SpringBoot, whenever a user is logged into login page, i setup an Authentication token like this.
SecurityContextHolder.getContext().setAuthentication(
new UsernamePasswordAuthenticationToken(retrievedUser,
retrievedUser.getPassword(), Arrays.stream(retrievedUser.getUserRoles()).map(SimpleGrantedAuthority::new).collect(Collectors.toList())));
Besides this, AngularJS side session is managed using cookies.
My Question is, from Springboot side, do i need to create session and all OR above one is sufficient? Will above thing good for production ready code OR i should explicitly use some session strategy using session registry and so?
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
