How do I write the method for user authentication in REST web service? I am beginner with web services.
Authentication itself should be done in a stateless way, so that the REST paradigm is not broken. This means authentication has to occur on every request. this SO question might provide some further details
the esiest method is using HTTP-Basic AUTH (rfc2617) over SSL encrypted connections (https). here are some java examples:
another method is using nonces so that you dont have to resend the user/pass combo everytime, but they are a bit more challenging:
there are lots and lots of ways to authenticate users but these 2 are the most often used that dont hold session state on the server side.
hope that helped
来源:https://stackoverflow.com/questions/5528272/how-do-i-authenticate-user-in-rest-web-service