November 2017
Intermediate to advanced
420 pages
10h 29m
English
Content preview from RESTful Java Web Services - Third Edition
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Securing RESTful web services with OAuth
OAuth is an open standard for authorization, used by many enterprises and service providers to protect their resources. OAuth solves a different security problem from what HTTP basic authentication has been used for. The OAuth protocol allows client applications to access protected resources on behalf of the resource owner (typically, the application user).
If we look at the history of this protocol, OAuth version 1.0 was published as RFC 5849 in 2010. Later, the next evolution of OAuth, version 2.0, was published as RFC 6749 in 2012. Note that these two versions are different in their implementations and do not have many things in common. In this section, we will explore what the OAuth protocol and ...