There are several frameworks to do secure Java RESTful web services. I would recommend "Apache Shiro" (http://shiro.apache.org/), it is a very nice and easy to use security framework that will allow you to implement the API token security scheme you mention. Take a look at this response: REST API key generation strategy(where I gave some insights on creating such a solution).

有几个框架可以确保 Java RESTful Web 服务的安全。我会推荐“Apache Shiro”（http://shiro.apache.org/），它是一个非常好用且易于使用的安全框架，可让您实现您提到的 API 令牌安全方案。看看这个回复：REST API 密钥生成策略（我在那里提供了一些有关创建此类解决方案的见解）。

There are other security frameworks you can use, namely Java EE has support for security and also Spring provides support for security. Take a look at this very nice presentation by Matt Raible where he presents and demos these three frameworks: http://www.slideshare.net/mraible/java-web-application-security-denver-jug-2013

您可以使用其他安全框架，即 Java EE 支持安全性，Spring 也提供安全性支持。看看 Matt Raible 的这个非常好的演讲，他介绍并演示了这三个框架：http://www.slideshare.net/mraible/java-web-application-security-denver-jug-2013

Avoid to implement "your own security scheme" (if you are not an expert in the topic...), there are many issues that may be overlooked and lead to problems... normally these frameworks help a lot on avoiding that.

避免实施“您自己的安全方案”（如果您不是该主题的专家......），有许多问题可能会被忽视并导致问题......通常这些框架有助于避免这种情况。

HTH.

哈。

You can take a look at OAuth. Its widely adopted and there are libraries that help you implement the protocol

你可以看看 OAuth。它被广泛采用，并且有一些库可以帮助您实现协议