Authorizing the RESTful web service accesses via the security APIs

The authorization process verifies whether the client who has requested or initiated an action has the right to do so. In this section, we will see how to use the JAX-RS APIs for authorizing incoming REST API calls from various clients.

Using SecurityContext APIs to control access

We started off this chapter by discussing how an application authenticates a user who is trying to access a secured resource. When a client accesses a secured resource, the server identifies and validates the requester, and on successful authentication, the requester is allowed to get inside the application. During this process, the underlying security framework generates a javax.ws.rs.core.SecurityContext ...

Get RESTful Java Web Services - Second Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.