On 21/05/2009, at 8:06 PM, Tomas Doran wrote:
Christian Lackas wrote:
I already did some googling, but did not find a satisfying answer
yet.
What is state-of-the-art approach to control access to REST
resources.
When you say 'REST resources', I'm guessing you mean some sort of
API, rather than a normal person facing site which happens to be
restful..
Use HTTP headers.
Just to be completely clear, t0m means
Catalyst::Authentication::Credential::HTTP
http://user:p...@host/webdisk/data/path/to/file
I think that's very ugly, but workable.
http://user:p...@host/webdisk/TOKEN/data/path/to/file
This is horrible if the TOKEN changes.
Does Catalyst provide any plugins for this? Could not find anything
on
CPAN.
I just use HTTP basic or digest auth.
Works well, very standard, no messing around, supported by
everything..
Of course, just making a /login URI which returns you a cookie you
provide back to other URIs to get access isn't directly non-RESTFul
in itself...
Cheers
t0m
_______________________________________________
List: [email protected]
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/[email protected]/
Dev site: http://dev.catalyst.perl.org/
_______________________________________________
List: [email protected]
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/[email protected]/
Dev site: http://dev.catalyst.perl.org/
