I'm new to Jersey. But so far I am loving it! I have implemented a very basic RESTful webservice using Jersey 2.10
I've reached a point where I need to secure my webservice in some fashion. Oauth 1 seems like a good choice at first glance. However, I don't need 3 legged. The consumers of my webservice are within my own company so a 2 legged approach will suffice.
However, I cannot for the life of me find an example of how to do this (2 or 3 legged). The docs do a really good job starting out explaining Oauth but sort of leave it as an exercise to the user to finish an implementation :(
https://jersey.java.net/documentation/latest/security.html#d0e10929
I don't see how to actually secure my java webservice class - the thing with:
@GET
@Produces( { MediaType.APPLICATION_JSON, MediaType.TEXT_XML, MediaType.TEXT_PLAIN, MediaType.TEXT_HTML })
nor do I see how to setup the /oauth starting path and using the consumer and secret keys. Is there an annotation that I use in my webservice methods to secure it? Or some check that I need to do at the start of my method to make sure a 2 legged oauth session has passed the mustard?
I thought I found this as an example but this doesn't seem to be complete for me to use it.
http://stackoverflow.com/questions/2795404/authentication-and-authorization-for-restfull-api-java-jersery
Will a kind soul offer a link to an example or preferably a trivial code/config example to give me a boost in the right direction in implementing a 2 legged server approach in Jersey 2?
Thanks!
- Damian