Trace:
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
|
applications:rest_extensions [2019/03/08 09:20] admin |
applications:rest_extensions [2019/03/08 10:24] admin |
||
|---|---|---|---|
| Line 42: | Line 42: | ||
| </servlet-mapping> | </servlet-mapping> | ||
| </file> | </file> | ||
| + | |||
| + | The authentication type defines that the configured SecurityManager will be used for authentication without pre-authentication with BASIC authentication. Usually, the BASIC authentication will be done before using the SecurityManager (e.g. authtype set to basic). The forward mode can be used to implement Single-Sign-On or no-authentication at all. | ||
| + | |||
| + | In our case, we performa an anonymous authentication with a pre-configured user. This enables you to configure the user with roles and offer Public REST services without changing the appliation. | ||
| + | |||
| + | To enable anonymous authentication, use the [[applications:anonymous_connection|AnonymousDBSecurityManager]] in your config.xml: | ||
| + | |||
| + | <code xml> | ||
| + | <securitymanager> | ||
| + | <class>com.sibvisions.apps.server.security.AnonymousDBSecurityManager</class> | ||
| + | <accesscontroller>com.sibvisions.apps.server.object.DBWorkScreenAccess</accesscontroller> | ||
| + | ... | ||
| + | </securitymanager> | ||
| + | </code> | ||
| + | |||
| + | To finish the configuration, set one user in the USERS database table as anonymous user. Simply set the column ANONYMOUS to 'Y'. | ||
| + | That's all you need. | ||
| + | |||
| + | Now it's possible to test you REST services, e.g. | ||
| + | <code> | ||
| + | http://localhost:8080/webapp/services/rest/myapp/Session/action/getInternalName?client.login.anonymous=true | ||
| + | </code> | ||
| + | |||
| + | In above URL, the application is available in the context **webapp**. The application name is **myapp** and the **Session** LCO contains the method: | ||
| + | |||
| + | <code java> | ||
| + | public String getInternalName() | ||
| + | { | ||
| + | return "Session"; | ||
| + | } | ||
| + | </code> | ||
| + | |||
| + | In our current configuration, the anonymous user will use the same LCO (Session) like the authenticated user. This might be good but can be a risk if the anonymous user shouldn't be able to use the same services. To change the LCO, it's possible to configure a custom LCO, via config.xml: | ||
| + | |||
| + | <code xml> | ||
| + | <lifecycle> | ||
| + | <mastersession>com.sibvisions.apps.myapp.Session</mastersession> | ||
| + | <application>com.sibvisions.apps.myapp.Application</application> | ||
| + | | ||
| + | <anonymoussession>com.sibvisions.apps.myapp.Anonymous</anonymoussession> | ||
| + | </lifecycle> | ||
| + | </code> | ||
| + | And the LCO code: | ||
| + | |||
| + | <file java Anonymous.java> | ||
| + | @StrictIsolation | ||
| + | @Replacement(name = "Public") | ||
| + | public class Anonymous extends GenericBean | ||
| + | { | ||
| + | public String getInternalName() | ||
| + | { | ||
| + | return "Anonymous"; | ||
| + | } | ||
| + | } | ||
| + | </file> | ||
| + | This class doesn't extend the Session LCO and it's an [[jvx:server:lco:session_isolation|Isolated LCO]]. And the class-name got a [[jvx:server:lco:objects_rename|Replacement]] with the name Public. | ||
| + | |||
| + | With this configuration, our REST call will be changed to: | ||
| + | <code> | ||
| + | http://localhost:8080/webapp/services/rest/myapp/Public/action/getInternalName?client.login.anonymous=true | ||
| + | </code> | ||
| + | The LCO name is now **Public**. The call with the original name, **Anonymous**, is also possible | ||
| + | <code> | ||
| + | http://localhost:8080/webapp/services/rest/myapp/Anonymous/action/getInternalName?client.login.anonymous=true | ||
| + | </code> | ||
| + | |||