I'm using Restlet 2.1RC4 and following the example from http://wiki.restlet.org/docs_2.1/13-restlet/28-restlet/392-restlet.html and trying to create an my own OAuth2 Authorization Server. So far I have everything working as expected and I've implemented my own code to handle the store of clients, etc.
The only issue I have left is making the flow more "user friendly" - in the example the /authorize endpoint is protected using HTTP_BASIC authentication. What I'd ideally like to do is replace this with a login form to get the username / password, validate it, and continue the OAuth flow. While the http authentication works, I find its very user unfriendly and doesn't allow the OAuth provider to give the end user any context of what they are logging into when they provide their credentials. I've looked all over the example code provided for the Restlet OAuth2 support and while I see some references to a login page in some of the code Ericsson provided on their site I don't see any of it actually in use. Could someone provide an example of how to put a login page infront of the authorize endpoint? Thanks! ------------------------------------------------------ http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2954496
