We have a Spring + Spring security system, with users and their roles. There is a web service (REST Jersey)

Each role should have access to certain service methods. How to organize authorization for rest clients?

The option with the transfer of username and password, getting a token and working with a token while we miss.

What are some third-party solutions, and which ones are the most successful for solving the problem (OAuth2 and others)?

  • REST authorization ?! %) Authorize the user (not by REST), give him a token / key, send this token / key in each http request to your service. Oh yes! Upon authorization, inform your service of the received key / token. - uorypm
  • @uorypm, this is a classic solution, I want something more interesting) - zamutil

0