restful-authentication

问题 I\'ve been reading up on REST and there are a lot of questions on SO about it, as well as on a lot of other sites and blogs. Though I\'ve never seen this specific question asked...for some reason, I can\'t wrap my mind around this concept... If I\'m building a RESTful API, and I want to secure it, one of the methods I\'ve seen is to use a security token. When I\'ve used other APIs, there\'s been a token and a shared secret...makes sense. What I don\'t understand is, requests to a rest service

问题 What does RESTful Authentication mean and how does it work? I can\'t find a good overview on Google. My only understanding is that you pass the session key (remeberal) in the URL, but this could be horribly wrong. 回答1: How to handle authentication in a RESTful Client-Server architecture is a matter of debate. Commonly, it can be achieved, in the SOA over HTTP world via: HTTP basic auth over HTTPS; Cookies and session management; Token in HTTP headers (e.g. OAuth 2.0 + JWT); Query