OpenID = using login credentials from an OpenID provider (Google) to login to another application (Stack Overflow)
The OpenID protocol enables websites or applications (Consumers) to grant access their own applications by getting an authentication through another service or application (Provider), without requiring Users to maintain a separate account/profile with the Consumers.
OpenID Providers (Whose service we use to authenticate an user)
OpenID RelyingParty (Who uses OpenID as their authentication)
JOpenID(http://code.google.com/p/jopenid/) - lightweight
openid4java(http://code.google.com/p/openid4java/) - documented
REST Authentication with OpenID
OAuth = Allowing an application (TwitPic) to act on your behalf to and access information from an application that you use (Twitter)
The OAuth protocol enables websites or applications (Consumers) to access Protected Resources from a web service (Service Provider) via an API, without requiring Users to disclose their Service Provider credentials to the Consumers.
OAuth Provider - Server Side (Who secures their service when exposed outside)
OAuth Consumer - Client Side (Who authenticate their users with Provider to consume data from Provider)
Scribe(https://github.com/fernandezpablo85/scribe-java) - lightweight
REST Authorization with OAuth
https://github.com/SpringSource/spring-security-oauth/wiki/tutorial - Tutorial
http://java.dzone.com/articles/spring-mvc-and-scribe-simple - Tutorial