views:

18

answers:

1

Hi folks. I currently have a RESTful servlet running that returns json upon receiving a POST query. I would like to implement authentication over SSL, so that the user will first login and send his credentials so the servlet knows what level of authorization it has to return the data, but I'm not sure how to go about implementing this for servlets. Anyone have any experience?

+1  A: 

theres a lot going on there. You will need a certificate for your site and you will need to configure your webserver to use https instead of http. That should get you started.

Your authentication scheme is orthogonal to the requirement to have encrypted communication; i.e. they have nothing to do with each other. SSL has to do with encryption of the data transfer back and forth, while authentication has to do with making sure a user is who they say they are. You can authenticate over http if you wanted to....(although if your sight is public as opposed to internal you might not want to do this..)

hvgotcodes