How to handle authentication in a RESTful Client-Server architecture is a
matter of debate.
Commonly, it can be achieved, in the SOA over HTTP world via:
- HTTP basic auth over HTTPS;
- Cookies and session management;
- Query Authentication with additional signature parameters.
We'll have to adapt, or even better mix those techniques, to match our
framework architecture at best.
Each authentication scheme has its own PROs and CONs, depending on the
purpose of your security policy and software architecture.