I want to get some information from a REST Web Service and I am thinking of which is the most better way performance and architecture wise.
I am using Apache http library and am coding in Java.
The process is as follows:
Requesting a SAML assertion.(POST)
When i get the SAML assertion I input it in another POST call in order to get an access token.(POST)
I get a Json with the Access Token, an I parse it and I save it in a String Then I make a GET call in order to validate the access token.
As soon as the access token is okay, I then have to make several GET calls (about 3-4 ) with the same access token in order to receive xmls with the information that I want which I will parse and get the information.
Whih is the best way / architecture wise in java to do all this process?
You mean OAuth Authorization. OAuth doesn't do authentication. That's what the SAML identity provide is for.
You left a lot out of your rough design. For instance, how are you going to let the user authenticate themselves with the identity provider? Will the client application be running in a web browser or as a desktop or mobile app?
them good ole boys were drinking whiskey and rye singin' this'll be the day that I die. Drink tiny ad.