Map Implementing secure JAX-RS applications

The IBM® Java™ API for RESTful Web Services (JAX-RS) runtime environment is driven a servlet derived from the Apache Wink project. Within the WebSphere® Application Server environment, the lifecycle of servlets is managed in the Web container. Therefore, the security services offered by the Web container are applicable to REST resources that are deployed in WebSphere Application Server.

About this task

You can define and add security constraints on the REST resources using the same tooling that is used to assemble REST applications. These constraints are captured in the J2EE Web deployment descriptor that is associated with your application. The following list describes security definitions that you can include in the deployment descriptor: All the security mechanisms supported by the Web container are applicable to REST resources, including the use of the Kerberos-based SPNEGO authentication mechanism.

Procedure

  1. Configure the development environment.
  2. Define the resources in JAX-RS Web applications.
  3. Configure the web.xml file for the JAX-RS application.
  4. Secure JAX-RS applications within the Web container.
  5. Assemble JAX-RS Web applications.
  6. Deploy JAX-RS Web applications.
  7. Administer the secure JAX-RS application.

Results

You have developed and deployed a secure JAX-RS Web application on the application server. You can also use the administrative console to administer your secure JAX-RS application.




Related concepts
Overview of IBM JAX-RS
Related tasks
Securing JAX-RS applications within the Web container
Administering secure JAX-RS applications
Implementing JAX-RS Web applications
Related reference
Web services specifications and APIs


Terms of Use | Feedback

Last updated: Feb 19, 2011 8:23:11 AM CST
File name: ae/twbs_jaxrs_impl_securejaxrs.html