The chapter provides the details on how to setup security for Representational State Transfer (ReST) Services.
The following topics are covered in this chapter:
With one-way SSL, the server is required to present a certificate to the client but the client is not required to present a certificate to the server. To successfully negotiate an SSL connection, the client must authenticate the server, but the server will accept a connection from any client. One-way SSL is common on the Internet where customers want to create secure connections before they share personal data. Often, clients will also use SSL to log on in order for the server can authenticate them.
ReST Committee recommends the use of one way SSL over ReST Services for 14.1.
See the following sequence:
ADF Mobile Security Set at the Mobile Client Level to Allow Authentication.
ADF Mobile Client Injects Authorization Header for Every Service Call (configuration changes).
J2EE based Basic Authentication (SSL) is configured in the ReST Service Web Application Descriptor to allow secure connectivity to ReST Service.