Re: [Catalyst] Authentication with REST and Catalyst

2011-03-12 Thread Bill Moseley
On Sat, Mar 12, 2011 at 6:14 AM, Lars Dɪᴇᴄᴋᴏᴡ 迪拉斯 wrote: > > This being REST, Cookies are right out. > Because state is then no longer only contained in the URL? It's pretty easy to find APIs that claim ReSTful-type interfaces that use cookies. -- Bill Moseley mose...@hank.org _

Re: [Catalyst] Authentication with REST and Catalyst

2011-03-12 Thread linuxsupport
Thank you so much, I will try TLS and see how it goes. On Sat, Mar 12, 2011 at 7:44 PM, Lars Dɪᴇᴄᴋᴏᴡ 迪拉斯 wrote: > If you think of cobbling together your own authentication scheme, don't. > You > will make mistakes and introduce weaknesses. Use the established ones, in > decreasing order of prefe

Re: [Catalyst] Authentication with REST and Catalyst

2011-03-12 Thread Lars Dɪᴇᴄᴋᴏᴡ 迪拉斯
If you think of cobbling together your own authentication scheme, don't. You will make mistakes and introduce weaknesses. Use the established ones, in decreasing order of preference: * TLS, e.g. * WSSE, e.g.

Re: [Catalyst] Authentication with REST and Catalyst

2011-03-12 Thread linuxsupport
Thanks for but that is more on implementing authentication, I am looking for authentication and authorization for REST API, I understand single key would be better idea, but do we have any real example or guide line? On Sat, Mar 12, 2011 at 1:36 AM, shawn wilson wrote: > > > On Fri, Mar 11, 2011

Re: [Catalyst] Authentication with REST and Catalyst

2011-03-11 Thread shawn wilson
On Fri, Mar 11, 2011 at 3:00 PM, Devin Austin wrote: > > > On Fri, Mar 11, 2011 at 12:48 PM, linuxsupport wrote: > >> Hi Everyone, >> >> What is the best practice for implementation authentication and >> authorization when building a REST API application using catalyst? >> How should authenticatio

Re: [Catalyst] Authentication with REST and Catalyst

2011-03-11 Thread Devin Austin
On Fri, Mar 11, 2011 at 12:48 PM, linuxsupport wrote: > Hi Everyone, > > What is the best practice for implementation authentication and > authorization when building a REST API application using catalyst? > How should authentication be implementation? > > Any guide or example would be very helpfu

[Catalyst] Authentication with REST and Catalyst

2011-03-11 Thread linuxsupport
Hi Everyone, What is the best practice for implementation authentication and authorization when building a REST API application using catalyst? How should authentication be implementation? Any guide or example would be very helpful. Thanks ___ List: Ca