Christian Lackas wrote:

I already did some googling, but did not find a satisfying answer yet.
What is the state-of-the-art approach to control access to REST resources?

When you say 'REST resources', I'm guessing you mean some sort of API, rather than a normal person-facing site which happens to be RESTful.

Use HTTP headers.

    http://user:p...@host/webdisk/data/path/to/file

I think that's very ugly, but workable.


    http://user:p...@host/webdisk/TOKEN/data/path/to/file

This is horrible if the TOKEN changes.

Does Catalyst provide any plugins for this? Could not find anything on
CPAN.

I just use HTTP basic or digest auth.

Works well, very standard, no messing around, supported by everything.

Of course, just making a /login URI which returns you a cookie you provide back to other URIs to get access isn't directly non-RESTful in itself...

Cheers
t0m
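
Added example, not part of the original thread and not Catalyst code: a Python sketch of the header-based approach discussed above. It moves `user:password` out of a URL into an `Authorization: Basic` header so the URL can be logged safely, and shows the server-side check that answers 401 with a challenge. The user `alice`, the password, the realm name `webdisk`, and both function names are assumptions made for the illustration.

```python
import base64
import hashlib
import hmac
from urllib.parse import unquote, urlsplit, urlunsplit

# Constructed user store (assumption): username -> SHA-256 hex of the password.
# A real service would use a slow password hash (bcrypt, argon2) instead.
USERS = {"alice": hashlib.sha256(b"s3cret").hexdigest()}
CHALLENGE = {"WWW-Authenticate": 'Basic realm="webdisk", charset="UTF-8"'}


def split_url_credentials(url):
    """Move user:password out of the URL into an Authorization header.

    Returns (clean_url, headers); clean_url is safe to log or store.
    """
    parts = urlsplit(url)
    if parts.username is None:
        return url, {}
    host = parts.netloc.rpartition("@")[2]  # keeps port / IPv6 brackets
    clean = urlunsplit((parts.scheme, host, parts.path, parts.query, parts.fragment))
    raw = f"{unquote(parts.username)}:{unquote(parts.password or '')}"
    token = base64.b64encode(raw.encode("utf-8")).decode("ascii")
    return clean, {"Authorization": "Basic " + token}


def check_basic_auth(headers):
    """Server side: return (status, username or None, extra response headers)."""
    scheme, _, blob = headers.get("Authorization", "").partition(" ")
    if scheme.lower() != "basic":
        return 401, None, CHALLENGE
    try:
        decoded = base64.b64decode(blob.strip(), validate=True).decode("utf-8")
    except ValueError:  # covers malformed base64 and invalid UTF-8
        return 401, None, CHALLENGE
    user, sep, password = decoded.partition(":")  # password may contain ':'
    supplied = hashlib.sha256(password.encode("utf-8")).hexdigest()
    # Unknown users are compared against a dummy digest so both paths do the
    # same work; compare_digest avoids leaking the match position via timing.
    expected = USERS.get(user, "0" * 64)
    ok = hmac.compare_digest(supplied, expected)
    if sep and ok and user in USERS:
        return 200, user, {}
    return 401, None, CHALLENGE
```

Basic auth only encodes the password, so the header needs TLS underneath just as much as the URL form does.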

