There is another solution that can make HTTPauthentication practical. For applications
that can handle a JavaScript dependency, Paul James has created an ingenious way
to use HTTPauthentication with HTML forms. Details are at http://www.peej.co.uk/
articles/http-auth-with-html-forms.html. This method uses XMLHttpRequest to try
an authentication through HTTPagainst a remote server. Once the authentication is
complete, the credentials are stored as usual in the browser and used on future
requests to the protected content. There are a few rough edges with browser support
(the logout feature is not supported in Internet Explorer), but otherwise this is a
wonderful solution.
Benefits of a RESTful Architecture
In this chapter, we have touched on some of the benefits that a RESTful application
architecture can provide, and hopefully you have seen some of those benefits for
yourself. Now we will list and explain each of the major benefits that REST strives to
achieve.
* Although RFC 2617 does not mandate any checking of nonce values, it suggests it, subject to the application??™s
need for security against replay attacks.
206 | Chapter 7: REST, Resources, and Web Services
Conceptual Simplicity
The cornerstone of REST is simplicity. The decision to use a standard set of verbs
(whether the HTTPverbs or some other set) virtually eliminates an entire area of discussion.
Pages:
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322