On Tue, 31 Mar 2009, Wouter wrote:
I want to create a RESTful java web service. I am developping an
application for Android and I need a web service to handle data! But I
have a problem, I want a user to login with a username and password but
how can I do this with a rest web service?
Use HTTP authentication. In particular, HTTP digest authentication. It's
handled in the HTTP layer, so it doesn't impose any requirements on
application flow which would interfere with the RESTfulness of your web
app.
How are you implementing the web app?
If it's with servlets or JSPs, you can do this by configuration, without
having to write any code. You have to put some stuff in your web.xml
saying which URLs you want protected and a bit about how,
Then there's container-specific configuration about how the authentication
should be done - where the list of users is kept, that sort of thing. In
Tomcat, it's done with the server.xml file; see:
http://tomcat.apache.org/tomcat-5.5-doc/config/realm.htmlhttp://tomcat.apache.org/tomcat-5.5-doc/realm-howto.html
The username and login would be saved in a (mysql) database!
Tomcat can do that - use a JDBCRealm or DataSourceRealm.
to have a real website. Just a backend web service for my android
posting on the REST web service. So I have a login screen at my Android