Question

I am currently in the process of building RESTful web services using the Jersey framework as a backend (for an iPad/iPhone application) using Java. At the point where I was trying to figure out a security (authentication and authorization) implementation for my API, I came across Basic, Digest and OAuth, but at this point my APIs are still not fully developed, so I think OAuth seems to be a bit of an overkill to me...

My question is: though Apache Shiro looks easy to grasp and start with, is it something that can be used for securing RESTful web services in the long run, as my API logic grows?

Solution

Shiro is very customizable. It provides interfaces for doing your authentication and authorization. If you ever need to change your authentication from Basic to OAuth, all you have to do is implement a new class and plug it in.

The interfaces to look into are Realm, AuthenticatingRealm, AuthorizingRealm, Subject, AuthenticationToken and SimpleAuthorizationInfo.
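As an added illustration of the "implement a new class and plug it in" point (this is not code from the answer or from the Shiro project): a custom realm that accepts bearer-style API tokens instead of Basic credentials. The names `ApiTokenRealm` and `ApiToken`, and the in-memory token and role maps, are hypothetical and constructed for the example.

```java
import java.util.Map;
import java.util.Set;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

// Hypothetical realm: replaces Basic with bearer tokens without touching resource code.
public class ApiTokenRealm extends AuthorizingRealm {

    // Hypothetical token type carrying the raw value from the Authorization header.
    public static final class ApiToken implements AuthenticationToken {
        private final String value;
        public ApiToken(String value) { this.value = value; }
        @Override public Object getPrincipal() { return value; }
        @Override public Object getCredentials() { return value; }
    }

    // Constructed sample data; a real deployment would validate against the
    // token issuer and would not keep plaintext tokens in memory like this.
    private final Map<String, String> tokenToUser = Map.of("constructed-sample-token", "alice");
    private final Map<String, Set<String>> userToRoles = Map.of("alice", Set.of("api-user"));

    public ApiTokenRealm() {
        setAuthenticationTokenClass(ApiToken.class); // realm ignores other token types
    }

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
            throws AuthenticationException {
        String presented = (String) token.getCredentials();
        String user = presented == null ? null : tokenToUser.get(presented);
        if (user == null) {
            throw new AuthenticationException("Unknown or missing API token"); // fail closed
        }
        // The realm's default credentials matcher compares these with the token's.
        return new SimpleAuthenticationInfo(user, presented, getName());
    }

    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        String user = (String) principals.getPrimaryPrincipal();
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        userToRoles.getOrDefault(user, Set.of()).forEach(info::addRole);
        return info;
    }
}
```

Plugging it in means handing the realm to the `SecurityManager` (for example `new DefaultSecurityManager(new ApiTokenRealm())`); code that calls `Subject.login(...)` and `Subject.checkRole(...)` stays the same when the realm changes.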

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow