Unfortunately in the case of serialization and deserialization of object graphs to various formats, there is no standardized annotation available (yes, this can result in a mess if you're not careful). The format-agnostic way to do this is to have custom MessageBodyReaders/MessageBodyWriters but that tends to be an overkill in most scenarios; besides, it also requires knowledge of the internals of libraries like Jackson.
About OAuth/OAuth2, I'd suggest reading this: http://bill.burkecentral.com/2.... The summary of that post is that you wouldnt need OAuth, unless you need to allow other parties to perform operations on behalf of the identities registered in your identity store. If your users in the store perform operations and do not delegate them to others, then sticking to the authentication schemes available out of the box should be good enough.
Settings
Vineet Reynolds
Unfortunately in the case of serialization and deserialization of object graphs to various formats, there is no standardized annotation available (yes, this can result in a mess if you're not careful). The format-agnostic way to do this is to have custom MessageBodyReaders/MessageBodyWriters but that tends to be an overkill in most scenarios; besides, it also requires knowledge of the internals of libraries like Jackson.
About OAuth/OAuth2, I'd suggest reading this: http://bill.burkecentral.com/2.... The summary of that post is that you wouldnt need OAuth, unless you need to allow other parties to perform operations on behalf of the identities registered in your identity store. If your users in the store perform operations and do not delegate them to others, then sticking to the authentication schemes available out of the box should be good enough.
5:07 a.m., Wednesday June 5
Moderate this comment by email
Email address: vineet.reynolds@gmail.com | IP address: 209.132.188.34
Reply to this email with “Delete”, “Approve”, or “Spam”, or moderate from the Disqus moderation panel.