Hello All,

What is the security context of the new REST services ? How to get/check the user that is consuming them ?

Thanks a lot !

Best Regards, Yordan Yunchov

asked 04.07.2016 at 13:22

Stelt0's gravatar image

accept rate: 12%

edited 14.11.2016 at 09:39

Reguel%20Wermelinger's gravatar image

Reguel Werme... ♦♦

The REST service provided by Axon.ivy are be default protected by HTTP BASIC Authentication. We suggest that you use https to communicate with the provided services since HTTP BASIC sends passwords in cleartext. All Axon.ivy users of an application can be used to authenticate against the REST service.

Since 6.4 you can customize the security for each service or even on single methods:

  • @javax.annotation.security.PermitAll: allows unauthenticated access to anonymous users
  • @javax.annotation.security.RolesAllowed: users must be authenticated and own the defined roles
  • @javax.annotation.security.DenyAll: nobody is allowed to invoke this service
  • See the SecureService in the ConnectivityDemos for a demo:
  • Or look at the Jersey chapter about secure annotations. https://jersey.java.net/documentation/latest/security.html#annotation-based-security

alt text

This answer is marked "community wiki".

answered 04.07.2016 at 15:24

Reto%20Weiss's gravatar image

Reto Weiss ♦♦
accept rate: 74%

edited 07.09.2018 at 03:49

Reguel%20Wermelinger's gravatar image

Reguel Werme... ♦♦

Thanks Reto !

(04.07.2016 at 15:30) Stelt0 Stelt0's gravatar image
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here



Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "Title")
  • image?![alt text](/path/img.jpg "Title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported



Asked: 04.07.2016 at 13:22

Seen: 1,996 times

Last updated: 07.09.2018 at 03:49