[Catalyst] RESTful authentication
Kieren Diment
diment at gmail.com
Thu May 21 10:25:47 GMT 2009
On 21/05/2009, at 8:06 PM, Tomas Doran wrote:
> Christian Lackas wrote:
>
>> I already did some googling, but did not find a satisfying answer
>> yet.
>> What is state-of-the-art approach to control access to REST
>> resources.
>
> When you say 'REST resources', I'm guessing you mean some sort of
> API, rather than a normal person facing site which happens to be
> restful..
>
> Use HTTP headers.
Just to be completely clear, t0m means
Catalyst::Authentication::Credential::HTTP
>
>
>> http://user:pass@host/webdisk/data/path/to/file
>
> I think that's very ugly, but workable.
>
>> http://user:pass@host/webdisk/TOKEN/data/path/to/file
>
> This is horrible if the TOKEN changes.
>
>> Does Catalyst provide any plugins for this? Could not find anything
>> on
>> CPAN.
>
> I just use HTTP basic or digest auth.
>
> Works well, very standard, no messing around, supported by
> everything..
>
> Of course, just making a /login URI which returns you a cookie you
> provide back to other URIs to get access isn't directly non-RESTFul
> in itself...
>
> Cheers
> t0m
>
>
> _______________________________________________
> List: Catalyst at lists.scsys.co.uk
> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
> Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
> Dev site: http://dev.catalyst.perl.org/
More information about the Catalyst
mailing list