在Google AppEngine上实施REST服务（JSON） [英] Implementing REST Service (JSON) on Google AppEngine

问题描述

我在Google AppEngine上实施REST服务。我宁愿使用GAE Java和JSON来进行服务和客户端之间的通信。

每个人都喜欢用这种方式做什么？

您更喜欢使用REST实现哪种类型的安全性？基本身份验证或其他东西？

另外，作为附注，每个人最喜欢在iPhone开发中使用REST + JSON服务的库是什么？ iPhone SDK中提供的标准框架？或者其他包装这些服务的库？

谢谢

如果您将实现REST服务，然后检查REST
的许多JAVA框架（例如 RESTEasy ， Jeresy ， Restlet ...）
他们都对GAE有一些支持，无论是开箱即用的支持还是使用一些小的调整。
另外，所有这些框架都有提供程序来生成JSON响应。

.google.com / p / googleappengine / wiki / WillItPlayInJavarel =nofollow>它会在应用程序引擎页面中播放您使用的任何框架

p>关于安全性，除非您强制所有通信都通过https完成，否则基本身份验证非常基本。它基本上以每份请求的纯文本格式发送用户证书。

GAE为使用Google帐户的用户提供内置的用户管理，因此如果您的所有用户都是Google用户，将是最简单和最安全的方式来处理身份验证。

可选方案如下：

1. 让其他系统认证用户，例如facebook，google，open-id


2. 实现安全登录表单（使用https），然后使用cookie验证用户

I am playing around with implementing a REST service on the Google AppEngine. I would prefer using GAE Java and JSON for communication between the service and clients.

What is everyone's favorite libraries for doing this?

What type of security do you prefer to implement using REST? Basic authentication or something else?

Also, as a side note, what is everyone's favorite libraries to use in iPhone development to consume REST + JSON services? The standard frameworks provided in the iPhone SDK? Or other libraries that wrap these services?

Thanks

解决方案

If you're going to implement REST service then check out the many JAVA frameworks for REST ( e.g. RESTEasy, Jeresy, Restlet ...) They all have some support for GAE, whether it's an out of the box support or using some minor tweaks. In addition all of these framework have providers for generating JSON response.

Also be sure to check out the "will it play in app engine page" for any framework you consider using

Regarding security, well, unless you enforce all communication is done over https, basic authentication is pretty basic. It basically sends the user credentials in plain text for every request.

GAE offers built in user management for users with google account, so if all your users are also google users that would be the easiest and most secure way to handle authentication.

The alternatives are:

1. Let other system authenticate the users, e.g. facebook, google, open-id
2. Implement a secured login form (using https), and then authenticate the users using a cookie

这篇关于在Google AppEngine上实施REST服务（JSON）的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！