If you're going to implement a REST service, then check out the many Java frameworks for REST
(e.g. RESTEasy, Jersey, Restlet ...).
They all have some support for GAE, whether it's out-of-the-box support or requires some minor tweaks.
In addition, all of these frameworks have providers for generating JSON responses.
Also be sure to check out the "Will it play in App Engine" page for any framework you consider using.
Regarding security, well, unless you enforce that all communication is done over HTTPS, basic authentication is pretty basic. It basically sends the user credentials in plain text for every request.
GAE offers built-in user management for users with a Google account, so if all your users are also Google users, that would be the easiest and most secure way to handle authentication.
The alternatives are:
- Let another system authenticate the users, e.g. Facebook, Google, OpenID
- Implement a secured login form (using HTTPS), and then authenticate the users using a cookie
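
To illustrate the point about basic authentication, here is an added example (not part of the original answer) showing what the `Authorization: Basic` header carries and a server-side guard that ignores it unless the request arrived over HTTPS. The class and method names and the `alice` / `s3cret` credentials are made up for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.util.Base64;

// Illustrative names throughout; requires Java 16+ for the record type.
public class BasicAuthDemo {

    /** Credentials recovered from an Authorization header. */
    record Credentials(String user, String password) {}

    /**
     * Parses "Basic <base64(user:password)>". Returns null if the header is
     * missing, uses another scheme, or is malformed.
     */
    static Credentials parse(String header) {
        if (header == null || !header.regionMatches(true, 0, "Basic ", 0, 6)) {
            return null;
        }
        try {
            byte[] raw = Base64.getDecoder().decode(header.substring(6).trim());
            String pair = new String(raw, StandardCharsets.UTF_8);
            int colon = pair.indexOf(':');   // the user id cannot contain ':'
            if (colon < 0) return null;
            return new Credentials(pair.substring(0, colon), pair.substring(colon + 1));
        } catch (IllegalArgumentException e) {   // payload was not valid Base64
            return null;
        }
    }

    /**
     * Server-side guard: only read Basic credentials when the request came
     * in over TLS. In a servlet, pass request.isSecure() as `secure`.
     */
    static Credentials acceptOnlyOverTls(boolean secure, String header) {
        return secure ? parse(header) : null;
    }

    public static void main(String[] args) {
        // Constructed sample: the header a client sends for alice / s3cret.
        String header = "Basic " + Base64.getEncoder()
                .encodeToString("alice:s3cret".getBytes(StandardCharsets.UTF_8));
        System.out.println("On the wire: " + header);
        // Base64 is an encoding, not encryption: decoding needs no key.
        System.out.println("Decoded:     " + parse(header));
        System.out.println("Over http:   " + acceptOnlyOverTls(false, header));
        System.out.println("Over https:  " + acceptOnlyOverTls(true, header));
    }
}
```

The guard only stops the server from honouring credentials sent over plain HTTP; by then the client has already exposed them, so the service should also redirect or refuse non-HTTPS requests before any login prompt is issued.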