axis-c-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dustfinger x <dustfin...@muddymukluk.com>
Subject How do I implement authentication in a RESTful service?
Date Sun, 17 Apr 2011 11:11:47 GMT
Hi,

I am writing a RESTful service that will be called by a php client using
cURL. I am trying to determine the best way to handle authentication. I
don't think that basic http authentication will work with a RESTful service.
As far as I understand it, a RESTful service cannot support ws-security. The
datamodel used by the data access layer for the service has a user table
with a username and password. I would like to make sure that all requests
being made to the service are from users in this table and that the user
credentials have been validated. A simple approach I have thought of is to
simply make the client pass a username and password with each request.

Can anyone recommend an authentication strategy that works well for a
RESTful service?

Sincerely,

dustfinger.

Mime
View raw message