What is best approach to implement custom token security mechanism for rest services?

**sarah.kho** · Jun 28th, 2011, 07:10 AM

Hi,

I am wondering whether any article or document exists to show how we can use spring and spring security to implement a custom token based authentication/ access control for some restful services using spring security...

I am using basic authentication now, but that seems to be not suitable for restful web services, any comment link or idea is welcome.

**sarah.kho** · Jul 7th, 2011, 02:47 PM

Any comment on this?

Thanks.

**cnmconsulting** · Jul 7th, 2011, 06:19 PM

Are you doing web services, rest services or both??

**sarah.kho** · Jul 8th, 2011, 03:39 AM

Just rest services.
Thanks.

**Luke Taylor** · Jul 8th, 2011, 05:33 AM

Why do you say that basic authentication isn't suitable for RESTful apps?

**cnmconsulting** · Jul 8th, 2011, 08:46 AM

Originally Posted by Luke Taylor

Why do you say that basic authentication isn't suitable for RESTful apps?

Exactly, basic auth is one of the base level form of security that can be used for rest.

Otherwise you need to look at other HTTP security examples. REST uses. straight HTTP security.

**kolodrevskiy** · Dec 10th, 2011, 12:57 PM

Hey guys,
did you find useful information about token authentication for rest with spring security? can you put some example here please?

Thread: What is best approach to implement custom token security mechanism for rest services?

Thread Tools

Display

What is best approach to implement custom token security mechanism for rest services?

Posting Permissions