Comments on: WEB API best practices

By: PI

PI — Mon, 05 Oct 2009 16:18:38 +0000

Thanks!
I just finished reading the RESTful Web Services book by Leonard Richardson and Sam Ruby. I highly recommend it for anyone interested in this subject.
I’m going with a request signing authentication schema, similar to what the Amazon S3 service does.

By: Rafael Vega

Rafael Vega — Tue, 24 Feb 2009 11:39:21 +0000

By: bserban

bserban — Sun, 22 Feb 2009 15:02:35 +0000

Rafael,

I am thinking to post a blog entry about authentication and security in REST Applications. So far i have used:
* cookies/tokens (depends on the api) to maintain the session
* application ids to limit the usage
* after every interaction provide a new token and validate it at the next call
* and of course, you could use digital signature.

bserban

By: bserban

bserban — Sat, 21 Feb 2009 19:54:01 +0000

Hi Andrei, I recommend you to read these two books Building Scalable Web Sites, about how flickr was build, and Scalable Internet Architectures, i found them great.

By: Rafael Vega

Rafael Vega — Fri, 20 Feb 2009 19:53:07 +0000

Great post!
Can you point us to some REST API authentication/security recommendations?

By: CRISTIANO

CRISTIANO — Fri, 20 Feb 2009 13:54:50 +0000

I recommend you a tool: ENUNCIATE – http://enunciate.codehaus.org. This tool can grow your productivity and can give you a better view about different Web services solutions. As they say: Enunciate is an engine for creating, maintaining, and deploying your rich Web service API for the Java platform. Good luck!

By: andrei

andrei — Wed, 18 Feb 2009 09:19:18 +0000

Hi,

I find your post very interesting and I would like to know more about SOA. Can you please recommend me a book?