I am using a REST JSON webservice which I want to secure. The service is secured with very basic Spring security and the session is 开发者_开发技巧stored on the server. So before the user can access the url "/api/resource" he/she needs to login first.
I want know how to:
- Only allow registered users to access my rest api
- Only allow registered clients with registered users to access my rest api(e.g. GWT, Android, iOS). I dont want to let the users access my api if the client is not registered.
With a lot of googleing I saw the concept of OAuth which has the three way authentication method.
I am using grails in my project but I did not find any support for OAuth. Does anyone have experience using OAuth with grails? Is it easy to implement using Grails?
Thanks for help
I've coded an OAuth library that is really simple and it's known to work with Groovy.
It's called scribe and you can give it a try here:
http://github.com/fernandezpablo85/scribe-java
EDIT
If you need to implement an OAuth provider yourself, the only library I know is the old oauth java lib.
It's not very well documented but it has some examples.
Check this plugin:
http://grails.org/plugin/spring-social-core
https://github.com/synergyj/grails-spring-social-core
They already have 2 implementations, Twitter and Facebook! Now you just have to create your own implementation!
Use the spring security oauth provider plugin. Creating an oauth provider is complex and you are in for a long haul of research and development but at the end you will have some experience that few have. Enjoy!
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论