REST HTTP Authentication - How?

Question

So, I\'m developing a REST webservice using RESTeasy and Google App Engine. My question isn\'t related to GAE, but I mentioned it just in case it matters. It happens that na

Answer 1

you will definitely face a security risk when using any authentication method without SSL.

but if you did use SSL, you will usually suffer from a poor performance.

Oauth is actually a solution to allow 3rd party to obtain access to your webservices.

due to the limited selection, my solution to a current webservices that require authentication used the combination of SSL+basic