users@jersey.java.net

Re: [Jersey] Security with Jersey RestFul services

From: Paul Sandoz <Paul.Sandoz_at_Sun.COM>
Date: Fri, 02 Oct 2009 13:30:08 +0200

On Oct 1, 2009, at 11:06 PM, Gurpreet Singh wrote:

> Hi All,
>
>
> How can we implement security with restful services.

I recommend leveraging the security of the web server or application
server.


> Is there any thing provided by Jersey reference implementation for
> WS.* kind of security.
>

No, although some developers have experimented with XML-based message
level security.

The general recommendation is to start off using something like HTTP
basic authentication with SSL.

The following sample uses Glassfish with HTTPS:

   http://download.java.net/maven/2/com/sun/jersey/samples/https-server-glassfish/1.1.2-ea/https-server-glassfish-1.1.2-ea-project.zip

Paul.