you can declare this in a handler to limit what verbs maybe be used per method:
this.allowedMethods = {
delete='delete',
get='get,post',
index='get'
};
you can declare this as a route to send a request to a particular method depending on the verb:
addRoute(pattern="my/pattern",handler="handler.method",action={get="get"});
which way is better to secure a restful api?
Both do the same thing at the end but at different points in time.
The allowed methods Dow sit at the handler level so you can easily intercept the security exception with an on error method convention.
If you do it at the ses routing level it basically skips the route so you better have a route that handles the errors
Luis Majano
CEO
Ortus Solutions, Corp
Toll Free/Fax: 1-888-557-8057
Direct: 909-248-3408
www.ortussolutions.com
Twitter: @lmajano, @ortussolutions
thanks, luis.