Hi, I have to provide public/private key authentication for accessing a web service (REST) from a client in my web2py application. How can I achieve it?

Scenario:

1. Each client will have a unique private key which will be sent to the server along with the request.
2. The server has to authenticate the private key using the public key (unique for each client) and then allow access to the web service method.

For example, suppose one client, say X, has requested the web service "add()", so the server has to first validate the public key with the client's private key and, if validation is successful, allow access to the web service "add()".

Challenges: Where to store the public key of each client? We can't store it in the db because the server can't access the db before validation of the web service method. So will it be stored somewhere on the PC (where the server is running)? If yes, then how and in which format?

NOTE: Here the server will be completely written in web2py and the client is a separate application running on the hardware device.
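
An added example, not part of the original post and not web2py's own code: one way to do per-client key authentication with public keys kept as PEM files on the server's disk. It assumes the signature-based variant, in which the client signs each request and the private key never leaves the device, and it uses Ed25519 from the third-party `cryptography` package. The key directory layout, the signed-string format, the `/app/default/add` path and `MAX_SKEW` are assumptions of this example.

```python
import re
import tempfile
import time
from pathlib import Path
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric.ed25519 import (
    Ed25519PrivateKey, Ed25519PublicKey)

MAX_SKEW = 300  # seconds a signed request stays valid (assumed replay window)
CLIENT_ID = re.compile(r"[A-Za-z0-9_-]{1,64}")  # keeps the id from escaping key_dir

def canonical(method, path, timestamp, body):
    """Bytes that both sides sign and verify (layout is this example's choice)."""
    return b"\n".join([method.encode(), path.encode(), str(timestamp).encode(), body])

def sign_request(private_key, method, path, body, now=None):
    """Client side: sign locally; only the timestamp and signature are sent."""
    ts = int(time.time() if now is None else now)
    return ts, private_key.sign(canonical(method, path, ts, body))

def verify_request(key_dir, client_id, method, path, timestamp, body, signature, now=None):
    """Server side: True only for a fresh request signed by client_id's key."""
    if not CLIENT_ID.fullmatch(client_id):
        return False
    pem = Path(key_dir) / (client_id + ".pem")  # one public key file per client
    now = time.time() if now is None else now
    if not pem.is_file() or abs(now - timestamp) > MAX_SKEW:
        return False
    key = serialization.load_pem_public_key(pem.read_bytes())
    if not isinstance(key, Ed25519PublicKey):
        return False
    try:
        key.verify(signature, canonical(method, path, timestamp, body))
        return True
    except InvalidSignature:
        return False

def demo():
    """Constructed run: enrol a throwaway key for client 'X' and sign one call."""
    key_dir = tempfile.mkdtemp()
    client_key = Ed25519PrivateKey.generate()
    pem = client_key.public_key().public_bytes(
        serialization.Encoding.PEM, serialization.PublicFormat.SubjectPublicKeyInfo)
    (Path(key_dir) / "X.pem").write_bytes(pem)
    ts, sig = sign_request(client_key, "POST", "/app/default/add", b"a=1&b=2")
    return key_dir, ts, sig
```

The PEM files hold public keys only, so they need integrity protection (writable by the administrator alone) rather than secrecy.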