RESTful Java Web Services, Second Edition

Securing and authenticating web services


Security on the Internet takes many forms. In the context of RESTful web services and this book, we are interested in only two of them: first, securing access to web services; second, accessing web services on behalf of our users.

What we accomplish by securing web services is the calculated control of resources. Even though most web services are publicly available, we still need to control data access and traffic throughput. We can do both by restricting access through subscription accounts. For example, Google's web service API limited the number of queries a registered user could execute daily. Similarly, many other API vendors restrict access to their APIs.
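The per-account daily quota described above, as an added example (not code from the book). The class name, API key and limit are hypothetical; the check rejects a caller with no subscription account before it counts anything, so an unknown key and an exhausted quota stay distinct outcomes.

```java
import java.time.Clock;
import java.time.LocalDate;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;

/** Per-account daily query quota; every name in this class is hypothetical. */
public class DailyQuota {
    enum Decision { ALLOW, UNKNOWN_KEY, QUOTA_EXCEEDED }  // would map to HTTP 200 / 401 / 429

    private record Usage(LocalDate day, long count) {}

    private final Map<String, Integer> limits;            // API key -> allowed queries per day
    private final Map<String, Usage> usage = new ConcurrentHashMap<>();
    private final Clock clock;                            // injected so the day rollover is testable

    DailyQuota(Map<String, Integer> limits, Clock clock) {
        this.limits = Map.copyOf(limits);
        this.clock = clock;
    }

    Decision check(String apiKey) {
        Integer limit = (apiKey == null) ? null : limits.get(apiKey);
        if (limit == null) return Decision.UNKNOWN_KEY;    // no subscription account: nothing is counted
        LocalDate today = LocalDate.now(clock);
        // compute() is atomic per key, so concurrent requests cannot overshoot the limit.
        Usage u = usage.compute(apiKey, (k, old) -> {
            long used = (old == null || !old.day().equals(today)) ? 0 : old.count();
            // Saturate one past the limit so a flood of rejected calls cannot wrap the counter.
            return new Usage(today, used > limit ? used : used + 1);
        });
        return u.count() <= limit ? Decision.ALLOW : Decision.QUOTA_EXCEEDED;
    }

    public static void main(String[] args) {
        // Constructed sample data: one account allowed 3 queries per UTC day.
        DailyQuota quota = new DailyQuota(Map.of("demo-key-123", 3), Clock.systemUTC());
        for (int i = 1; i <= 4; i++) {
            System.out.println("request " + i + ": " + quota.check("demo-key-123"));
        }
        System.out.println("no account: " + quota.check("not-registered"));
    }
}
```

The counters live in one JVM's memory; a service running on several nodes would need a shared store for them.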

Security has two essential elements: authentication and authorization.

  • Authentication: It is the process of verifying the identity of the user who is trying to access the application or web service. This is typically performed by obtaining user credentials, such as username...