Securing RESTful web services with OAuth

OAuth is an open standard for authorization, used by many enterprises and service providers to protect resources. OAuth solves a different security problem than what HTTP basic authentication has been used for. OAuth protocol allows client applications to access protected resources on behalf of the resource owner (typically, the application user).

If we look at the history of this protocol, the OAuth Version 1.0 was published as RFC 5849 in 2010. Later, the next evolution of OAuth, Version 2.0, was published as RFC 6749 in 2012. Note that these two versions are different in their implementations and do not have many things in common. In this section, we will see what the OAuth protocol and its details are. ...

Get RESTful Java Web Services - Second Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.