Login/Register
Easy way for Authentication and Authorization with JAX-RS Jersey
Asked Answered
Solved javaoauthjerseyjax-rsuser-management
M

2

8

I'm pretty new to REST and am currently developing an API with JAX-RS Jersey. I am curious on what is the easiest way to implement a user Management. I.e. users must log in and have restricted access to different resources depending on their role. From what I understand, using OAuth 2.0 is the current standard. Can I implement that with Jersey? Does anyone have a few links for me to get me started (examples, tutorials)? Or would you suggest another approach?

Thanks a lot

Milch answered 30/7, 2013 at 8:28 Comment(0)
M
13

There are multiple ways to achieve that, let me point few of them:

  1. HTTP Basic authentication (BA) implementation is the simplest technique for enforcing access controls to web resources because it doesn't require cookies, session identifier and login pages. Rather, HTTP Basic authentication uses static, standard HTTP headers which means that no handshakes have to be done in anticipation.

  2. Role based access control for J2EE applications using realm

  3. OAuth with REST:

Mouse answered 30/7, 2013 at 8:36 Comment(3)
Thank you for the lightning-fast response! Which method would you suggest for a system handling very sensitive data? Are there any libraries or examples for OAuth with Jersey you would know of?Milch
@user2633221 Use Basic authentication with HTTPs. Try it, once you do so you will learn more about authentication and authorization. If at some point you feel it is not sufficient for your solution then move to others.Mouse
2nd link is broken :(Dottie
E
-1

There's an OAuth 1.0 contrib for Jersey @ https://wikis.oracle.com/display/Jersey/OAuth Works great for me. OAuth 2 is not really a standard yet as it's not finished and there's still a lot of debate and interoperability issues around it.

Euchromatin answered 30/7, 2013 at 20:46 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.