Chapter 5. Securing a Restlet application
- Securing the communication
- Authenticating the remote user
- Assigning roles to the authenticated user
- Authorizing the user to perform actions on the system
- Ensuring end-to-end integrity of the data
In chapter 3 you saw how to deploy a Restlet application on premises, but this application was freely accessible to any client. In the real world free accessibility is rarely desirable, and a point comes when you need to take security into account. This chapter covers how to secure a Restlet application. We address the issue of securing the communication between the client and the server by using transport level security that can ensure confidentiality and integrity of the exchange. ...