Section 8. RESTful Authentication

True RESTful authentication stores credentials on the client and uses no server-side state. Unfortunately, HTTP Authentication, the only means of storing credentials client-side, provides a poor user experience in Web browsers and makes logging out difficult. Keeping session information for each user therefore remains the preferred method of authentication, even if it is not RESTful. Limited support in Web browsers, however, does not mean that all clients are limited. In fact, few other clients support cookies, which makes session-based tracking more difficult.

To support both Web browsers and other clients, use Rick Olson’s Restful Authentication plug-in. Restful Authentication ...
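The dual approach described above, as an added example that is not taken from the book or from the plug-in: a request is accepted either through an existing server-side session (browsers) or through an HTTP Basic `Authorization` header (clients without cookies). The names `USERS`, `basic_credentials`, `valid_password?` and `authenticate` are hypothetical, and the user store is constructed sample data.

```ruby
require "digest"

# Constructed user store (assumption): login => SHA-256 hex of the password.
# A real application would use a slow, salted password hash such as bcrypt.
USERS = { "alice" => Digest::SHA256.hexdigest("s3cret") }.freeze

# Compare two strings without stopping at the first differing byte.
def secure_compare(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Decode "Authorization: Basic <base64(login:password)>" into [login, password].
# Returns nil for other schemes, malformed base64, or a missing ":" separator.
def basic_credentials(header)
  scheme, encoded = header.to_s.split(" ", 2)
  return nil unless scheme&.casecmp?("Basic") && encoded
  decoded = encoded.unpack1("m0").force_encoding("UTF-8") # "m0" = strict base64
  login, password = decoded.split(":", 2)                 # password may contain ":"
  password ? [login, password] : nil
rescue ArgumentError
  nil
end

def valid_password?(login, password)
  expected = USERS[login]
  return false unless expected
  secure_compare(expected, Digest::SHA256.hexdigest(password))
end

# `session` stands in for the server-side session hash; `authorization` is the
# raw request header. Returns [login, mechanism] on success, nil otherwise.
def authenticate(session:, authorization: nil)
  # Browser path: a login already stored in the session by an earlier sign-in.
  return [session[:login], :session] if USERS.key?(session[:login])
  # Non-browser path: credentials are sent with every request, no state kept.
  login, password = basic_credentials(authorization)
  return [login, :basic] if login && valid_password?(login, password)
  nil
end
```

Because Basic credentials are only base64-encoded and travel with every request, this path should be served over TLS only.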
