I have an application built with spring, hibernate, shiro, wicket, and jquery. I'm looking to add a RESTful framework to the mix, such as jersey or restlet.
Although the main UI is built and managed using Wicket, there will be several jQuery components embedded in the UI that need to send and receive JSON data via RESTful web services. These same web services will also be used by iPhone and Android applications, as well as other potential clients. When a user logs into my application, they are authenticated by shiro and get a cookie. This cookie is used to identify them for all future requests so that the application knows what features and data they are authorized to see. Most users use the remember me feature and rarely have to log in again. My hope is that the RESTful service will automatically use that same authentication cookie so that the web services only serve appropriate data for that user. Also, the plan is for the mobile apps (iphone/android) to have a UI for username/password and that it will then authenticate via a web service call and get a cookie to use on subsequent requests as well. I'm hoping someone can confirm that this approach will work, or advise me on other approaches before I move forward. Thanks! Tauren
