When developing a web service (hospital management system) using Java EE, is it necessary for each web service call to verify that the user is registered?
Which authentication method is the best JAAS, WS-Security, SAML, or a combination or using native tokens ?
It all depends on how your web service will be implemented or it will be. If you have a choice, I would recommend using the REST approach, authenticate the user with some kind of login function, and then maintain a user session.
You can use filters.
Here is an example of using filters:
http://viralpatel.net/blogs/2009/01/tutorial-java-servlet-filter-example-using-eclipse-apache-tomcat.html
Basically, you determine the URL to which you want to apply filters, the filter allows the user, and then calls chain.doFilter (request, response); to call the requested method after authorization.
You can also take a look at this authentication and authorization of the jax-rs web service
Personally, I use tokens for authorization.
Source: https://habr.com/ru/post/1391021/More articles:How to get a mechanism for automatically converting a body to UTF8? - ruby | fooobar.comPluralization in Rails View Tasks - ruby-on-railsDoes my phone have a front camera AND / OR microphone? - c #Django / Python update field values (while saving the model) - pythonChart Get a comment on the public message - facebookRails: how to display image from download - ruby-on-railsSecured authentication in web service - javaSbt Unresolved Dependencies (Invalid command: gen-idea) - scalaSelectedValue, which is invalid because it does not exist in the list of items - c #Error sending array in node.js and socket.io - arraysAll Articles