You're reading from Play Framework essentials An intuitive guide to creating easy-to-build scalable web applications using the Play framework

Product type Paperback

Published in Sep 2014

Publisher

ISBN-13 9781783982400

Length 200 pages

Edition 1st Edition

Languages

Java

Tools

Play

Concepts

Front End Web Development

Author (1):

Julien Richard-Foy

View More author details

Table of Contents (9) Chapters

Preface

1. Building a Web Service FREE CHAPTER

2. Persisting Data and Testing

3. Turning a Web Service into a Web Application

4. Integrating with Client-side Technologies

5. Reactively Handling Long-running Requests

6. Leveraging the Play Stack – Security, Internationalization, Cache, and the HTTP Client

7. Scaling Your Codebase and Deploying Your Application

Index

Handling security concerns

This section presents the main security challenges in web applications and how to handle them with the Play framework.

Authentication

In the previous chapter, we added a page that showed an auction room for an item. The form to participate in an auction requires users to fill their name and a price for the item. In this section, I propose to restrict auction rooms to authenticated users only. This means that if a non-authenticated user tries to go to an auction room, he is redirected to a login form. Once he is logged in, he is redirected back to the auction room, whose form now has only one field, the bid price, because the username can be retrieved from the user's identity.

To differentiate between identified and non-identified users, we rely on a session mechanism. Once a user is authenticated, he visits the pages of the application on behalf of his identity; two users might not see the same response when they go to the same page. To achieve this in a stateless...