我想建立一个灵活的APICRes服务器。 我将允许客户使用“吉大港”或“安普切”认证。
我的问题是:如何以正确的方式把钥匙添加到GET的请求中? 我的问题是ur子污染ur。
我想到这样的东西:
我想建立一个灵活的APICRes服务器。 我将允许客户使用“吉大港”或“安普切”认证。
我的问题是:如何以正确的方式把钥匙添加到GET的请求中? 我的问题是ur子污染ur。
我想到这样的东西:
我认为,你只能使用授权书的负责人。 这符合实际情况。
废除《欧洲刑法》是一个坏的想法,因为:
a) as you said it pollutes the URL
b) if you decide to go SSL for security then the API will still appear in log files
c) caches will end up creating multiple copies of the same representation, one for each api key.
For more information on creating your own Authorization scheme go here.
Credentials may be passed using the Authorization
header:
GET http://domain.com:/book/1
Authorization: apikey="s4cr4t"
这一切都取决于你想要走到什么路,但机械师却保持同样的距离:
Context
The goal is to identify the client with some level of security. (Note: Security is another detailed discussion). Remember that one if the “features” of REST is to be stateless: That means no session state on the server except for resources. To keep the client stateless, it needs to supply on each request enough information that the request is independent. It must give the server a way to identify the client such as a username/password, API Key or token.
在这方面,你有各种选择:
www.un.org/Depts/DGACM/index_spanish.htm 添加《吉大港行动计划》标题,以识别客户。
这里可以使用授权书负责人,并随要求发送。 有各种认证计划,但坚持标准计划,如Basic Auth。 在这里,你可能坚持SSL。 如果你愿意,认证过程会产生某种象征性。
你们也可以利用ok。 co必须包含
采用上述方法,也可确定客户头盔,如Api-Key:XXXX。 但随后,你将休庭限于特别客户。 Set-Cookie是“熟悉的”头脑,因此浏览器将以透明的方式处理。 然后可以通过下列链接和填写表格(PUT+POST)进行认证(认证会议资源)。
www.un.org/Depts/DGACM/index_spanish.htm 在内容上打上标识
Here you are free to do what you want too. Just add a field/token/id to your content and let the server verify it.
友好型号确实通过解决链接而应用。 See also HATEOAS和。 如果在申请方面有单独的伐木过程,这也适用。
不要将任何数据输入国际数据协会。 (单位信息摘要)
im currently setting up asp.net to accept DELETE http verb in the application. However, when i send "DELETE /posts/delete/1" i always get a 405 Method not allow error. I tried to take a look at ...
I ve just finished an online service for shortening URLs (in php5 with Zend Framework); you can enter an URL and you get an short URL (like tinyurl and such sites). I m thinking about the API for ...
We re implementing a REST client on JRE 1.4. Seems two good options for a client REST framework are HttpClient and HttpUrlConnection. Is there a reason to use HttpClient over the JRE s ...
I m using the Spring RESTTemplate on the client side to make calls to a REST endpoint. The client in this case is a Spring app and Tomcat is the servlet container. I m running into issues making a ...
friendfeed.com uses 302. bit.ly uses 301. I had decided to use 303. Do they behave differently in terms of support by browsers ?
I have written a pretty extensive REST API using Java Jersey (and JAXB). I have also written the documentation using a Wiki, but its been a totally manual process, which is very error-prone, ...
We are re-developing our buyonline functionality and we are doing it the RESTful way. The process is a three step one and the customer is asked to enter data at each step. Let s say the three URL s ...
The Microsoft AJAX Library Preview 6 and jQuery provide several ways to make the sorts of calls I need: Sys.Net.WebRequest (ASP.NET Ajax) Sys.Net.WebServiceProxy (ASP.NET Ajax) $.ajax (jQuery) Sys....