REST Authentication

I am looking for a Java based REST server which support following authentication mechanism. Also please let me know the best resources for the REST based a开发者_C百科uthentication

1. Token
2. Certificate
3. Kerberos
4. Oauth
5. Open Id

---

I am an architect from WSO2... so my reply could be biased...

You can use the open source WSO2 Application Server to deploy your RESTful services and WSO2 Identity server has the support for 2-legged OAuth...

Thanks...

---

Partial answer for method 2) Certificate:

If you're planning on using certificates for authentication, I must assume that the API will be consumed by a limited number of trusted client applications. I've recently developed and deployed a REST API for internal use within an organization, and we use server-client certificates for authentication. This solution delivers a really high level of security, but is very impractical to use in an externally exposed API. This post gives some information: Java HTTPS client certificate authentication.

---

Any Java container should support these with either:

1. Apache / IIS as a reverse proxy deployed for SSO (Single Sign On)
2. Authentication plugins