Questions tagged [restful-authentication]

Questions about authentication for RESTful services.

Services designed using REpresentational State Transfer architecture must often authenticate clients. How best to do this can be a complex topic, as in true REST each client request to the server will contain all the information necessary to complete it (including authentication).

Resources

1447 questions
7
votes
2 answers

Shibboleth restful api

I am writing an android application for an University that uses Shibboleth for authenticating the students. Since I am making a android native app (not a webview), I would like to programmatically pass the username and password and get back the…
Sethu
  • 556
  • 1
  • 7
  • 18
7
votes
3 answers

Developing Azure functions locally

I am leading a large team of azure functions developers. So, most of the examples quoted by Microsoft using the azure web interface don't work for me. I am developing Azure functions locally using emulators to save some costs. I publish all my…
7
votes
5 answers

FIle upload from a rest client to a rest server

I created a rest server using the codeigniter rest server library created by PhilSturgeon : github.com/philsturgeon/codeigniter-restserver Now, I am using Codeignitor rest client : github.com/philsturgeon/codeigniter-restclient to get/post data…
Amit Aggarwal
  • 131
  • 1
  • 2
  • 8
7
votes
2 answers

how to deal with access token and refresh token in client side

I am creating a website using AngularJS client side and communicating in REST with a backend (in an other domain). To authenticate every calls, I pass a token through the header of each HTTPS call : "Authorization : Bearer access_tokenXXXXXX" When…
Geoffrey D
  • 578
  • 1
  • 6
  • 13
7
votes
1 answer

How to make authenticated requests in mocha test using supertest and agent?

I'm having trouble getting my authenticated tests to run (server returns 401 Unauthenticated) after logging in. var should = require('should'), _ = require('lodash'), app = require('../../../server'), mongoose = require('mongoose'), …
chovy
  • 72,281
  • 52
  • 227
  • 295
7
votes
1 answer

Implementing OAuth Provider in Delphi

I've developed a REST web service and I want to implement an OAuth Service Provider for authenticating, primarily, two-legged OAuth requests. Could anyone please point me to an implementation of an OAuth Service Provider created in Delphi. Thanks in…
Jesse
  • 71
  • 1
  • 2
7
votes
0 answers

rest-How to handle authentication in a microservice architecture

I'm creating a series of RESfull services using the microservice architecture described by Martin Fowler recently in his blog (http://martinfowler.com/articles/microservices.html) But I need for all the methods to be accessed exclusively by…
evilpilaf
  • 1,991
  • 2
  • 21
  • 38
7
votes
2 answers

Authentication/authorization in JAX-RS using interceptors and injection

I am developing a new application in JavaEE 7 using WildFly 8. I am using JAX-RS to provide a RESTful service interface for remote applications. Something like an HttpHeaders object can be injected in a resource method arguments using the @Context…
Arash Shahkar
  • 655
  • 3
  • 12
  • 24
7
votes
2 answers

ExtJs Model Proxy vs. Store Proxy

OK, I'm stuck on what should be a basic task in ExtJs. I'm writing a simple login script that sends a user name and password combination to a RESTful web service and receives a GUID if the credentials are correct. My question is, do I use a Model…
mrtedweb
  • 783
  • 2
  • 9
  • 18
7
votes
4 answers

What is the correct way to authorize and structure a RESTful backend

A lot of examples about RESTful Web Services do not take into account the problem that today many applications are multi-user. Imagine a multi-user backend exposing a RESTful API. The backend data architecture uses a shared database and shared…
gremo
  • 47,186
  • 75
  • 257
  • 421
7
votes
1 answer

Symfony2 entity user provider overrides custom auth provider

My Symfony2 custom authentication provider now appears to be working. User Provider I almost used the FOSUserBundle but I don't even have email addresses for my users and I don't need the added functionality or complication. So instead I'm just…
Daniel B.
  • 1,650
  • 1
  • 19
  • 40
6
votes
2 answers

SAML 2.0 based Authentication for iPhone application

Team, kindly help me how to implement SAML based authentication for iPhone application. I have .NET REST based JSON webservice as my backend service. Kindly advice me on this requirement.
shatthi
  • 656
  • 3
  • 10
  • 23
6
votes
2 answers

Should a Basic authentication request be POST or GET?

I have seen Basic authentication being done in both GET and POST requests. On the one hand, I suppose browser caching GET requests could be an issue, but on the other: POST is larger but encouraged for delivering sensitive information. I am not…
6
votes
1 answer

Protecting REST API behind SPA against data thiefs

I am writing a REST Api gateway for an Angular SPA and I am confronted with the problem of securing the data exposed by the API for the SPA against "data thiefs". I am aware that I can't do much against HTML scraping, but at least I don't want to…
kentor
  • 16,553
  • 20
  • 86
  • 144
6
votes
2 answers

JAX-RS and custom authorization

I'm trying to secure the JAX-RS endpoint and am currently trying to figure out how the authentication and authorization work. Most examples are quite simple as they only piggyback from Java EE App-Server role via web.xml. I'm wondering how to use…
xandross
  • 911
  • 2
  • 11
  • 17