spray-session icon indicating copy to clipboard operation
spray-session copied to clipboard

Published 20 hours ago verified publisher icon gnieh

[Question] Securing data transfer ?

Open hajime-moto opened this issue 8 years ago • 1 comments

Hi,

Thank you for this great library :+1: . I'm not very familiar with security and session management side of thing so I apologise for this dumb question.

If I don't have SSL enabled, can spray-session give me some level of assurance that the username and password or any other sensitive data being sent from the client (browser) to the server is somewhat secure ?

Googling "scala security" brings up silhouette or securesocial for play and I'm trying to use Spray. I'm not sure how spray-session compares to these other libraries.

I'm just trying to achieve some level of security in my application. Can spray-session help me here ?

hajime-moto avatar Apr 01 '16 13:04 hajime-moto

Hi,

scala-session just helps maintaining a session state across requests, it does not help providing any transport level security. Only SSL may help you in this case to protect transferring of your password.

satabin avatar Apr 01 '16 15:04 satabin