users@jersey.java.net

[Jersey] Re: Two legged Oauth 1 server example

From: Craig McClanahan <craigmcc_at_gmail.com>
Date: Wed, 23 Jul 2014 21:41:47 -0700

Is there something you need that the Jersey Security Docs[1] do not cover?

I will echo the advice of others, though ... if you are writing green field
applications you should really be looking at OAuth 2 rather than OAuth 1.

Craig

[1] https://jersey.java.net/documentation/latest/security.html


On Wed, Jul 23, 2014 at 12:49 PM, Sobieralski, Damian Michael <
dsobiera_at_indiana.edu> wrote:

> I'm new to Jersey. But so far I am loving it! I have implemented a very
> basic RESTful webservice using Jersey 2.10.
>
> I've reached a point where I need to secure my webservice in some fashion.
> OAuth 1 seems like a good choice at first glance. However, I don't need 3
> legged. The consumers of my webservice are within my own company so a 2
> legged approach will suffice.
>
> However, I cannot for the life of me find an example of how to do this (2
> or 3 legged). The docs do a really good job starting out explaining OAuth
> but sort of leave it as an exercise to the user to finish an implementation
> :(
>
> https://jersey.java.net/documentation/latest/security.html#d0e10929
>
> I don't see how to actually secure my Java webservice class - the thing
> with:
>
> @GET
> @Produces( { MediaType.APPLICATION_JSON, MediaType.TEXT_XML,
> MediaType.TEXT_PLAIN, MediaType.TEXT_HTML })
>
> nor do I see how to set up the /oauth starting path and using the consumer
> and secret keys. Is there an annotation that I use in my webservice methods
> to secure it? Or some check that I need to do at the start of my method to
> make sure a 2 legged OAuth session has passed the mustard?
>
> I thought I found this as an example but this doesn't seem to be complete
> for me to use it.
>
>
> http://stackoverflow.com/questions/2795404/authentication-and-authorization-for-restfull-api-java-jersery
>
> Will a kind soul offer a link to an example or preferably a trivial
> code/config example to give me a boost in the right direction in
> implementing a 2 legged server approach in Jersey 2?
>
> Thanks!
>
> - Damian
>
>