I currently have a Google App Engine app consisting of two parts:
A website using old school JSPs A RESTful service implemented in Jersey
I've been trying to figure out how to shoehorn authentication into the web service but am rather lost since I've never used Spring before, and it sounds like that's the way to go.
Must I use Spring, or can I use Java EE? Are there any examples of how to accomplish this with Google App Engine?
Also, if I can get a high level description of some best practices for securing web services, that would be cool.
Thanks Mark