You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@ofbiz.apache.org by Rishi Agr <ri...@gmail.com> on 2022/02/22 11:56:08 UTC
Rest API bypassing certain APIs from authentication
Hi, I am implementing an API that needs to be processed without
authentication. This API will be publicly accessible. I have tried to set
the rest and services definition with auth="false" but it has not helped.
Below is a small code
rest.xml
<resource description="Some desc" displayName="SomeName" auth="false"
publish="true"
name="Some name" path="/rest/test">
services.xml
<service name="seomMethod" engine="java"
location="com.test.MyService" invoke="seomMethod" auth="false">
Can someone let me know what am I missing or doing wrong?
Re: Rest API bypassing certain APIs from authentication
Posted by Rishi Agr <ri...@gmail.com>.
Hi Michael,
I added the configuration of auth="false" for the specific operation
instead of the resource. This worked. Thank you
On Tue, Feb 22, 2022, 14:47 Michael Brohl <mi...@ecomify.de> wrote:
> Hi Rishi,
>
> how is your operation inside the resource being configured?
>
> If ommitted, auth defaults to true there.
>
> Best regards,
>
> Michael Brohl
>
> ecomify GmbH - www.ecomify.de
>
>
> Am 22.02.22 um 12:56 schrieb Rishi Agr:
> > Hi, I am implementing an API that needs to be processed without
> > authentication. This API will be publicly accessible. I have tried to set
> > the rest and services definition with auth="false" but it has not helped.
> > Below is a small code
> > rest.xml
> > <resource description="Some desc" displayName="SomeName" auth="false"
> > publish="true"
> > name="Some name" path="/rest/test">
> >
> > services.xml
> > <service name="seomMethod" engine="java"
> > location="com.test.MyService" invoke="seomMethod"
> auth="false">
> >
> > Can someone let me know what am I missing or doing wrong?
> >
>
Re: Rest API bypassing certain APIs from authentication
Posted by Michael Brohl <mi...@ecomify.de>.
Hi Rishi,
how is your operation inside the resource being configured?
If ommitted, auth defaults to true there.
Best regards,
Michael Brohl
ecomify GmbH - www.ecomify.de
Am 22.02.22 um 12:56 schrieb Rishi Agr:
> Hi, I am implementing an API that needs to be processed without
> authentication. This API will be publicly accessible. I have tried to set
> the rest and services definition with auth="false" but it has not helped.
> Below is a small code
> rest.xml
> <resource description="Some desc" displayName="SomeName" auth="false"
> publish="true"
> name="Some name" path="/rest/test">
>
> services.xml
> <service name="seomMethod" engine="java"
> location="com.test.MyService" invoke="seomMethod" auth="false">
>
> Can someone let me know what am I missing or doing wrong?
>