Basic auth should work. To be more secure, you can use basic auth with https.
Samisa Abeysinghe http://samisa-abeysinghe.blogspot.com/ On Sun, Apr 17, 2011 at 4:41 PM, dustfinger x <dustfin...@muddymukluk.com>wrote: > Hi, > > I am writing a RESTful service that will be called by a php client using > cURL. I am trying to determine the best way to handle authentication. I > don't think that basic http authentication will work with a RESTful service. > As far as I understand it, a RESTful service cannot support ws-security. The > datamodel used by the data access layer for the service has a user table > with a username and password. I would like to make sure that all requests > being made to the service are from users in this table and that the user > credentials have been validated. A simple approach I have thought of is to > simply make the client pass a username and password with each request. > > Can anyone recommend an authentication strategy that works well for a > RESTful service? > > Sincerely, > > dustfinger. >
