Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
So in a previous question I asked about whats the most RESTful way to do something like authentication. The response was to create a ticketing system where a post was done, and a ticket was issued. Then all further requests would send along this ticket. My question is, how do I send along this ticked with each request in a RESTful manner? Would GETs look something like:
http://www.mysite.com/resource?ticket=ticketnumber
And isn’t this starting to get RPCish now that I’m including parameters?
Why not use standard HTTP authentication methods instead of inventing your own? If they’re not sufficient or appropriate, add your credentials or ticketing info to a custom header rather than polluting the URI with it.
Your URIs should identify your resources, no more, no less. Adding meta or contextual information to the URI pollutes them and will make your system more difficult to evolve, because your authentication mechanism will be directly and permanently coupled to your resources. Instead, move your authentication mechanism into an HTTP header, where it belongs.