could you explain the mobile device usecase more? Are you using a mobile web browser or do you have a mobile client application which is under your control?
i have to implement a mobile client application with native code, without a mobile web browser.
In that case, you can use Seam RESTEasy integration together with Seam Security. Seam Security comes with built-in support for HTTP Basic and HTTP Digest mechanisms. Alternatively, you can implement an Authenticator for two-legged OAuth yourself. Once you implement the Authenticator, you can secure your resources using @Restrict annotation (as you already did).
I recommend that you take a look at the Seam Tasks example, that demonstrates a basic JAX-RS web service secured with Seam Security (using HTTP basic).
Thank you Jozef!!
i did it with HTTP-Digest and SSL. It works like a charm :)
Im intressted as well in two-legged OAuth, you mentioned in your post.
Do you have further information how it can be established with seam?