RESTful authentication for REST web services.


I've already searched google, but most of articles make the assumption
that the user agent is a browser.

What if the user is accessing the same REST controller action via
another client (another ruby script for example)? How could I restrict
it to users that have an account in the system?

it's really a basic question - the app only serves certain parts of
the website for logged users when accessed through a browser user
agent, I want the same thing to happen when someone is accessing it
from another client and the app is responding the same action with a
different format (XML or RSS for example)



I believe the typical method is to use http authentication.