Differences
This shows you the differences between two versions of the page.
applications:rest_extensions [2019/03/08 09:20] admin |
applications:rest_extensions [2019/03/08 10:24] admin |
||
---|---|---|---|
Line 42: | Line 42: | ||
</servlet-mapping> | </servlet-mapping> | ||
</file> | </file> | ||
+ | |||
+ | The authentication type defines that the configured SecurityManager will be used for authentication without pre-authentication with BASIC authentication. Usually, the BASIC authentication will be done before using the SecurityManager (e.g. authtype set to basic). The forward mode can be used to implement Single-Sign-On or no-authentication at all. | ||
+ | |||
+ | In our case, we performa an anonymous authentication with a pre-configured user. This enables you to configure the user with roles and offer Public REST services without changing the appliation. | ||
+ | |||
+ | To enable anonymous authentication, use the [[applications:anonymous_connection|AnonymousDBSecurityManager]] in your config.xml: | ||
+ | |||
+ | <code xml> | ||
+ | <securitymanager> | ||
+ | <class>com.sibvisions.apps.server.security.AnonymousDBSecurityManager</class> | ||
+ | <accesscontroller>com.sibvisions.apps.server.object.DBWorkScreenAccess</accesscontroller> | ||
+ | ... | ||
+ | </securitymanager> | ||
+ | </code> | ||
+ | |||
+ | To finish the configuration, set one user in the USERS database table as anonymous user. Simply set the column ANONYMOUS to 'Y'. | ||
+ | That's all you need. | ||
+ | |||
+ | Now it's possible to test you REST services, e.g. | ||
+ | <code> | ||
+ | http://localhost:8080/webapp/services/rest/myapp/Session/action/getInternalName?client.login.anonymous=true | ||
+ | </code> | ||
+ | |||
+ | In above URL, the application is available in the context **webapp**. The application name is **myapp** and the **Session** LCO contains the method: | ||
+ | |||
+ | <code java> | ||
+ | public String getInternalName() | ||
+ | { | ||
+ | return "Session"; | ||
+ | } | ||
+ | </code> | ||
+ | |||
+ | In our current configuration, the anonymous user will use the same LCO (Session) like the authenticated user. This might be good but can be a risk if the anonymous user shouldn't be able to use the same services. To change the LCO, it's possible to configure a custom LCO, via config.xml: | ||
+ | |||
+ | <code xml> | ||
+ | <lifecycle> | ||
+ | <mastersession>com.sibvisions.apps.myapp.Session</mastersession> | ||
+ | <application>com.sibvisions.apps.myapp.Application</application> | ||
+ | | ||
+ | <anonymoussession>com.sibvisions.apps.myapp.Anonymous</anonymoussession> | ||
+ | </lifecycle> | ||
+ | </code> | ||
+ | And the LCO code: | ||
+ | |||
+ | <file java Anonymous.java> | ||
+ | @StrictIsolation | ||
+ | @Replacement(name = "Public") | ||
+ | public class Anonymous extends GenericBean | ||
+ | { | ||
+ | public String getInternalName() | ||
+ | { | ||
+ | return "Anonymous"; | ||
+ | } | ||
+ | } | ||
+ | </file> | ||
+ | This class doesn't extend the Session LCO and it's an [[jvx:server:lco:session_isolation|Isolated LCO]]. And the class-name got a [[jvx:server:lco:objects_rename|Replacement]] with the name Public. | ||
+ | |||
+ | With this configuration, our REST call will be changed to: | ||
+ | <code> | ||
+ | http://localhost:8080/webapp/services/rest/myapp/Public/action/getInternalName?client.login.anonymous=true | ||
+ | </code> | ||
+ | The LCO name is now **Public**. The call with the original name, **Anonymous**, is also possible | ||
+ | <code> | ||
+ | http://localhost:8080/webapp/services/rest/myapp/Anonymous/action/getInternalName?client.login.anonymous=true | ||
+ | </code> | ||
+ |
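Review bot: The added text says "That's all you need." right after the step that sets ANONYMOUS to 'Y', but only the later paragraph starting "In our current configuration" mentions that the anonymous user then uses the same Session LCO as authenticated users. Please state the consequence at the ANONYMOUS = 'Y' step itself, or present the anonymoussession configuration with the @StrictIsolation class before the first test URL, so a reader who stops at "That's all you need" does not publish the Session LCO's methods to callers using client.login.anonymous=true. The closing lines also show that the class stays callable under its original name Anonymous as well as the replacement name Public. It is worth saying explicitly that the Replacement adds a name rather than hiding the original one, so any URL-based filtering has to cover both. Smaller points: the first added paragraph opens with "The authentication type" but does not name the forward mode until its last sentence; "performa", "appliation" and "test you REST services" are typos; and the sentence ending "is also possible" needs a colon before the code block.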