1

I am creating a Restful Web service, which shall then be accessed by a website and native android applications. I am new to Restful and want to understand what shall be the best security mechanism I can use to secure this website.

I have read about:

  1. OAuth 1/2
  2. Http sessions (which are not suggested)
  3. Http Header mechanisms

What are the advantages/disadvantages of them vis-a-vis the other?

Paresh Mayani
  • 127,700
  • 71
  • 241
  • 295
Akash Khanna
  • 159
  • 3
  • 12
  • You also could consider an API_KEY, passed in the URI or the request. – sschrass Sep 04 '14 at 08:26
  • The best security depends on [what type of service you have](http://stackoverflow.com/questions/20870779/do-we-need-a-security-signature-for-the-web-service-response/20912293#20912293) and what you consider to be the appropriate level of security given your needs and requirements. – Bogdan Sep 06 '14 at 16:00

0 Answers0