Hello ! I've attacheed recently my draft implementation of Spring Security integration with Restlet. You can download it here http://restlet.tigris.org/issues/show_bug.cgi?id=264.
The main idea is using it only with Spring. Since restlet framework has very good support it's easy to run restlet application within Spring container. The 2nd option i wanna mention is 2 different approaches that can be used for integrating Spring Security with restlet. 1st one is using AOP. You need to annotate methods with certain annoations that will make calls to those methods authentificated/autorized agains Spring Security rules 2nd approach is more common URL based. Calls to certain URLs are intercepted and verified with Spring Security classes. The configuration of Spring Security is done in comon way and doesn't require any restlet specific settings. Plz try this and tell your opinions. Any feedback will be very appreciated.
