How do I authenticate user in REST web service?

sudo picture sudo · Apr 3, 2011 · Viewed 15.2k times · Source

How do I write the method for user authentication in REST web service? I am beginner with web services.

Answer

fasseg picture fasseg · Apr 3, 2011

Authentication itself should be done in a stateless way, so that the REST paradigm is not broken. This means authentication has to occur on every request. this SO question might provide some further details

the esiest method is using HTTP-Basic AUTH (rfc2617) over SSL encrypted connections (https). here are some java examples:

another method is using nonces so that you dont have to resend the user/pass combo everytime, but they are a bit more challenging:

there are lots and lots of ways to authenticate users but these 2 are the most often used that dont hold session state on the server side.

hope that helped