在Java EE中的Web服务认证 [英] Web Service authentication in Java EE
问题描述
在开发使用Java EE Web服务(医院管理系统),它是必要的,每个Web服务调用,它必须检查该用户在登录??
When developing a Web service(Hospital Management System) using Java EE, is it necessary that for each Web Service call, it has to be checked that the user is logged in??
哪种身份验证方法是最好的JAAS,WS-Security的,SAML,或者组合或使用自己的令牌?
Which authentication method is the best JAAS, WS-Security, SAML, or a combination or using own tokens??
推荐答案
这一切都取决于如何为您的Web服务实现/或它的将是。如果你仍然有一个选择,我会建议使用REST方法去,用某种登录功能验证用户,然后维护用户的会话。
It all depends on how is your web service implemented/or its going to be. If you still have a choice I would recommend going with REST approach, authenticate the user with some kind of login functionality and then maintain users session.
这篇关于在Java EE中的Web服务认证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!