Securing REST Web Services With OAuth

less than 1 minute read

It’s been a while since the last OpenSSO article at Sun Developer Network (the excellent, three-part, Troubleshooting OpenSSO with Firefox Add-Ons), but Malla and Rick have come up trumps with Securing REST Web Services With OAuth.

The article recasts the tried and true ‘stock quote sample’ as a RESTful web service with access protected by OAuth via OpenSSO and Jersey (Sun’s open source implementation of JAX-RS, aka JSR 311). This is technology that has hitherto only been demonstrated in a demo at JavaOne 2009, so it’s great to see it being successfully applied here.

Go read the article and discover how OpenSSO, Jersey and OAuth combine to secure RESTful web services!



Maria Radyuk

Hi! Thank you for useful tips!
May I ask one question?
I have 1 Sun App Server with two applications that i want to protect with opensso and 1 opensso agent. I decide to create 2 subreams in OpenSSO server for applications user data. Is there the way to use different login pages for my applications?
Thank you very much.
BR, Maria

Pat Patterson

Hi Maria - I think you could do this by customizing the login page. I'm not sure if you can have two login JSPs (one per realm), but you can certainly customize a single login JSP to do things like look at the realm parameter and show different UI accordingly.

BTW - the best place for questions like this is the OpenSSO users list - to subscribe:

1. Go to and register for a account.
2. Go to and request 'Observer' role on OpenSSO.
3. Go to and subscribe to '[email protected]'.

Leave a Comment

Your email address will not be published. Required fields are marked *