Re: Setting up authentication for the REST interface ?

[Karl Wright <da...@gmail.com>]

The ticket is completed and will be released as part of both 1.9 and 2.1,
due out at the end of the month.

Thanks,
Karl


On Mon, Mar 30, 2015 at 8:51 PM, Karl Wright <da...@gmail.com> wrote:

> I've created CONNECTORS-1177 to track this issue.  Offhand I think it is
> straightforward to add some degree of session login support.
>
> Karl
>
> On Mon, Mar 30, 2015 at 12:00 PM, Karl Wright <da...@gmail.com> wrote:
>
>> Hi Jan,
>>
>> The reason that the REST interface is a separate web application is so
>> you can protect it in the manner of your choice, within the context of the
>> application server.  It was written before there were any particular
>> standards for authentication of REST web services.
>>
>> If you have an idea how you'd like to see the REST API authenticated
>> natively, please open a ticket so that we discuss this further.
>>
>> Thanks,
>> Karl
>>
>>
>> On Mon, Mar 30, 2015 at 11:12 AM, Jan van Haarst <ja...@vanhaarst.net>
>> wrote:
>>
>>> Hello all,
>>>
>>> At
>>> http://manifoldcf.apache.org/release/trunk/en_US/programmatic-operation.html
>>> there is a description of a REST interface to Manifold CF.
>>> This works very nice, I use it to fill the system with jobs, which saves
>>> me a lot of manual entry when testing.
>>>
>>> One thing bothers me though, out of the box it looks like there is no
>>> authentication necessary, and I also can't seem to find where to set it so
>>> that it does ask for credentials.
>>> Is this a security leak , or is my configuration missing a keyword ?
>>>
>>> --
>>> Dag,
>>> Jan
>>>
>>
>>
>