Comments on: Using Jersey Client OAuth Support with SmugMug

By: Elango

Elango — Thu, 29 Oct 2009 04:18:15 +0000

Hi Suneel
I am in need of some samples to implement the server side part of the OAuth. could you share some examples of how you verify the signature based on RSA-SHA1 if you are aware of any…

By: Suneel Marthi

Suneel Marthi — Fri, 23 Oct 2009 16:02:48 +0000

Thanks Paul and Martin,

I am good now.

Regards,
Suneel

By: Paul C. Bryan

Paul C. Bryan — Fri, 23 Oct 2009 15:15:32 +0000

Hmm, without the dot. http://wikis.sun.com/display/Jersey/OAuth

By: Paul C. Bryan

Paul C. Bryan — Fri, 23 Oct 2009 15:14:50 +0000

P.S. See also the Jersey-OAuth wiki page at http://wikis.sun.com/display/Jersey/OAuth.

By: Paul C. Bryan

Paul C. Bryan — Fri, 23 Oct 2009 15:10:26 +0000

Hi Suneel:

The OAuth Jersey extension proivdes server-side support for message signature validation. In the Jersey project, take a look at the com.sun.jersey.oauth.server.OAuthServerRequest class.

As Martin mentioned, I’d encourage you to post on the users@jersey.dev.java.net mailing list, as we frequently check for messages there. To join the mailing list, go to https://jersey.dev.java.net/servlets/ProjectMailingListList (you need to be logged-in to subscribe to the list).

Paul

By: Martin

Martin — Fri, 23 Oct 2009 09:52:58 +0000

Hi Suneel,
I am very glad Jersey works well for you. Paul and others are very responsive on the mailing list (users@jersey.dev.java.net) so I would encourage you to post any further questions there – that way others will be able to help you as well.
The OAuth in Jersey definitely supports the server side as well. It is implemented in oauth-server module (in my example I am using oauth-signature and oauth-client, so in your case you would also depend on oauth-server). See http://wikis.sun.com/display/Jersey/OAuth for some basic docs, you may want to look at the oauth-tests under jersey/contribs/jersey-oauth in the svn repo to get a better idea.
Hopefully this helps.
Martin

By: Suneel Marthi

Suneel Marthi — Fri, 23 Oct 2009 05:18:19 +0000

Hi Martin,

Thanks for posting this blog. I am presently working on a prototype that needs to implement OAuth to secure RESTful Services.

We are using Restlet on the project, but due to absence of any documentation and no working examples we had to ditch Restlet and switch over to Jersey.

I need to implement both a Service Consumer (the example you have provided here) and Service Provider. Looking at the Jersey OAuth extension, seems like it only supports the Client APi (for the Consumer); am I right?

Any pointers you could give me would be much appreciated.

Thanks for your help,
Suneel

By: Martin

Martin — Tue, 11 Aug 2009 07:32:05 +0000

Hi Paul, thank you and Hubert for this great contribution!

By: Paul C. Bryan

Paul C. Bryan — Mon, 10 Aug 2009 23:36:54 +0000

Hey Martin, glad to see the OAuth extensions worked for you.