I am using an authorization scheme where username and md5 hash of the
password is the top-level context of my service:
http://www.mysite.com/myjerseyapp/{username}:{md5}/
And it occurred to me I might be able to use basic http authentication
instead to conform to the existing standard. This would also automatically
pop-up an authorization dialog if people access my resource without
specifying credentials:
http://{username}:{md5}@www.mysite.com/myjerseyapp/
However I can't find an example of setting this up with Jersey. I can add
some security-constraints to Tomcat's web.xml and use static user info, but
how would I intercept and pass along credentials to be authorized
dynamically, say in a database?
Thanks in advance,
Casper