java RESTful web service

[Wouter]

Hey,

I want to create a RESTful java web service.
I am developping an application for Android and I need a web service
to handle data!
But I have a problem, I want a user to login with a username and
password but how can I do this with
a rest web service? The username and login would be saved in a (mysql)
database!

Can anyone help me?

Thank you,

Wouter

 

[Tom Anderson]

I want to create a RESTful java web service. I am developping an
application for Android and I need a web service to handle data! But I
have a problem, I want a user to login with a username and password but
how can I do this with a rest web service?

Use HTTP authentication. In particular, HTTP digest authentication. It's
handled in the HTTP layer, so it doesn't impose any requirements on
application flow which would interfere with the RESTfulness of your web
app.

How are you implementing the web app?

If it's with servlets or JSPs, you can do this by configuration, without
having to write any code. You have to put some stuff in your web.xml
saying which URLs you want protected and a bit about how,

Then there's container-specific configuration about how the authentication
should be done - where the list of users is kept, that sort of thing. In
Tomcat, it's done with the server.xml file; see:

http://tomcat.apache.org/tomcat-5.5-doc/config/realm.html
http://tomcat.apache.org/tomcat-5.5-doc/realm-howto.html

The username and login would be saved in a (mysql) database!

Tomcat can do that - use a JDBCRealm or DataSourceRealm.

tom

 

[Frank Cisco]

Restful web service? Is that like one that's really lazy?

 

[Wouter]

Use HTTP authentication. In particular, HTTP digest authentication. It's
handled in the HTTP layer, so it doesn't impose any requirements on
application flow which would interfere with the RESTfulness of your web
app.

How are you implementing the web app?

If it's with servlets or JSPs, you can do this by configuration, without
having to write any code. You have to put some stuff in your web.xml
saying which URLs you want protected and a bit about how,

Then there's container-specific configuration about how the authentication
should be done - where the list of users is kept, that sort of thing. In
Tomcat, it's done with the server.xml file; see:

http://tomcat.apache.org/tomcat-5.5...at.apache.org/tomcat-5.5-doc/realm-howto.html


Tomcat can do that - use a JDBCRealm or DataSourceRealm.

tom

Thank you for your answer and this very usefull links Tom!
I don't want to have a real website. Just a backend web service for my
android application!
I want to read some xml data (REST objects) and do some posting on the
REST web service.
So I have a login screen at my Android application and i have to make
a HttpUrlConnection to the
web service and how can I check if the filled in username and password
is correct (that they exists in the database?)
How can I make this in my webservice?

Thx

Wouter

 

[Tom Anderson]

Thank you for your answer and this very usefull links Tom! I don't want
to have a real website. Just a backend web service for my android
application! I want to read some xml data (REST objects) and do some
posting on the REST web service. So I have a login screen at my Android
application and i have to make a HttpUrlConnection to the web service
and how can I check if the filled in username and password is correct
(that they exists in the database?) How can I make this in my
webservice?

As i said. Tell us more about how you're implementing the web service.

tom

 

[Arne Vajhøj]

Use HTTP authentication. In particular, HTTP digest authentication. It's
handled in the HTTP layer, so it doesn't impose any requirements on
application flow which would interfere with the RESTfulness of your web
app.

The only alternative is a custom HTTP header with username/password.

Arne

 

[Arne Vajhøj]

Restful web service? Is that like one that's really lazy?

http://en.wikipedia.org/wiki/REST

Arne

 

[Roedy Green]

I want to create a RESTful java web service

If you are using Applets or Java Web Start to login see
http://mindprod.com/jgloss/authentication.html

If just an ordinary browser, your servlet womb, such as Tomcat,
handles it for you (I don't recognise the term Restful). Your Servlets
can ignore authentication. You set it up in the Tomcat config files in
a fairly straightforward way. Just scan the docs for "login" or
"authentication". There are several types.
--
Roedy Green Canadian Mind Products
http://mindprod.com

"Danish studies of 10,000 birds killed revealed that almost all died in
collisions with buildings, cars and wires; only 10 were killed by windmills.
Alternative energy sources are absolutely necessary.
Global warming will kill birds and bats, as well as other species,
in much greater numbers than wind power."
~ Dr. David Suzuki

 

[Arne Vajhøj]

If you are using Applets or Java Web Start to login see
http://mindprod.com/jgloss/authentication.html

He wrote:

#I am developping an application for Android

If just an ordinary browser, your servlet womb, such as Tomcat,
handles it for you (I don't recognise the term Restful).

http://en.wikipedia.org/wiki/REST

Arne

 

[Richard Maher]

Hi,

He wrote:

#I am developping an application for Android

Is there any chance that the OP is using (looking to use) IPsec for a VPN,
or that anyone else here knows something about how this MOBIKE
(http://www.ietf.org/rfc/rfc4555.txt) protocol works?

If so, can you please just confirm that this protocol allows a hand-held
device to receive dynamic IP addresses from its carrier(s) yet still remain
a part of the IPsec configured VPN to a given host(s)?

This has to be the mutt's nuts!

Sorry if it's off-topic but I saw the following this morning and this post
rang a bell: -
http://www.net-security.org/secworld.php?id=7257

http://en.wikipedia.org/wiki/REST

Arne

Cheers Richard Maher

 

[Wouter]

As i said. Tell us more about how you're implementing the web service.

tom

Sorry I never created a web service before.
I only want to use this web service now to send HTTP request (HTTP
POST and HTTP GET) in my Google Android application.
If a user logins at my application (with username and password) the
username and password would be sended to my
web service and checked if this is right? But how can i do this first?
Every user must first create a user account
and with this username he can login at the application. And for every
user specific different data would be saved.

I will explain my application more in detail:
I am developping a small social network application where a user can
login and post photos and see this photos on a map (with geolocation).
He also can save his own location and make placemarks on a map. All
these things have to be saved in a database. And with HTTP GET i would
request all the data I want as XML or JSON and parse it in my
application.

Can you help me,

Thanx

 

[Tom Anderson]

The only alternative is a custom HTTP header with username/password.

Or form authentication. Or SSL.

tom

 

[Wouter]

Or form authentication. Or SSL.

tom

How can i make this? I have a user database with username and password
field!
How can i make my login web service for the login?

THX

 

[Arne Vajhøj]

Or form authentication. Or SSL.

SSL with client certificate could be used.

Form authentication could not be used. Not in REST - it is supposed
to be stateless.

Arne

 

[Arne Vajhøj]

Sorry I never created a web service before.
I only want to use this web service now to send HTTP request (HTTP
POST and HTTP GET) in my Google Android application.

The web service will (usually) not send HTTP requests but receive them.

If a user logins at my application (with username and password) the
username and password would be sended to my
web service and checked if this is right?
Yes.

But how can i do this first?
Every user must first create a user account
and with this username he can login at the application. And for every
user specific different data would be saved.

Have the users create accounts via an ordinary web app.

I will explain my application more in detail:
I am developping a small social network application where a user can
login and post photos and see this photos on a map (with geolocation).
He also can save his own location and make placemarks on a map. All
these things have to be saved in a database. And with HTTP GET i would
request all the data I want as XML or JSON and parse it in my
application.

It should work.

Arne

 

[Wouter]

The web service will (usually) not send HTTP requests but receive them.


Yes.

And how can i make this? It's my first time for developing a java web
service!

Have the users create accounts via an ordinary web app.

Ok i will make a web page where the users can create their account!

 

[Arne Vajhøj]

And how can i make this? It's my first time for developing a java web
service!

Web services are code just like any other code.

You will need a Java web container like Tomcat and you will
make life a lot easier for yourself by using a toolkit like
restlet instead of handcoding a servlet.

Arne

 

[Wouter]

Web services are code just like any other code.

You will need a Java web container like Tomcat and you will
make life a lot easier for yourself by using a toolkit like
restlet instead of handcoding a servlet.

Arne

Ok thank you Arne!
I have already created a web service with reslet and this is a great
framework!
I am now trying to let it work with a database (jdbc)

Thx

 

[Wouter]

Ok thank you Arne!
I have already created a web service with reslet and this is a great
framework!
I am now trying to let it work with a database (jdbc)

Thx

Hey,

What do you prefer to use for the database?
Object Database (db4o) or xml Database or jdbc (mysql)?

Greetz

 

[Lew]

What do you prefer to use for the database?
Object Database (db4o) or xml [sic] Database or jdbc [sic] (mysql [sic])?

I prefer JPA (Java Persistence API) with PostgreSQL. (MySQL is far from the
only, and far from the best, choice for a relational database management
system [RDBMS]).