REST service security

0

Hello All,

What is the security context of the new REST services ? How to get/check the user that is consuming them ?

Thanks a lot !

Best Regards, Yordan Yunchov

asked 04.07.2016 at 13:22

Stelt0's gravatar image

Stelt0
(suspended)
accept rate: 12%

edited 14.11.2016 at 09:39

Reguel%20Wermelinger's gravatar image

Reguel Werme... ♦♦
9.4k31958
One Answer:
active answersoldestnewestmost voted
1

The REST service provided by Axon.ivy are be default protected by HTTP BASIC Authentication. We suggest that you use https to communicate with the provided services since HTTP BASIC sends passwords in cleartext. All Axon.ivy users of an application can be used to authenticate against the REST service.

Since 6.4 you can customize the security for each service or even on single methods:

  • @javax.annotation.security.PermitAll: allows unauthenticated access to anonymous users
  • @javax.annotation.security.RolesAllowed: users must be authenticated and own the defined roles
  • @javax.annotation.security.DenyAll: nobody is allowed to invoke this service
  • See the SecureService in the ConnectivityDemos for a demo:
  • Or look at the Jersey chapter about secure annotations. https://jersey.java.net/documentation/latest/security.html#annotation-based-security

alt text

link
This answer is marked "community wiki".

answered 04.07.2016 at 15:24

Reto%20Weiss's gravatar image

Reto Weiss ♦♦
4.9k202857
accept rate: 74%

edited 07.09.2018 at 03:49

Reguel%20Wermelinger's gravatar image

Reguel Werme... ♦♦
9.4k31958

Thanks Reto !

(04.07.2016 at 15:30) Stelt0 Stelt0's gravatar image

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "Title")
  • image?![alt text](/path/img.jpg "Title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

learn more about Markdown

Tags:

×40
×33

Asked: 04.07.2016 at 13:22

Seen: 3,183 times

Last updated: 07.09.2018 at 03:49

Related questions

How to secure Rest Services from Ivy 6.2 with Authorization Bearer instead of Basic

Is it possible to access Ivy's RESTful API from an HtmlDialog or within the same session?

Ajax call from HTML Dialog to consume Web Service and REST Service

Complete Task from REST

Java blocks Rich Dialog applications and we cannot update

LDAP API call cache

REST API and JSESSIONID

How to get the URL of a process start within a JAX-RS class

Consuming Rest in Plugin Project

Changing the Security System