hub.eb?material_id=544&track_id=546
Login
Back

Securing a REST Service

When publishing a REST Service, you can require the user to Authenticate using Basic Authentication.

Within an endpoint event, you can access the Basic Authentication string using the following method:

var credentials = form.rest.readBasicAuthenticationCredentials();
if(credentials.getUsername() == "user" && credentials.getPassword()== "pwd"){

}
else{
  //send back forbidden status
  form.rest.setStatus(403);
}

Alternatively, for other Authorization types you can access the Authorization header directly using form.rest.getRequestHeader(‘Authorization’). Examples of creating custom authentication methods can be found here.

Steps

1

Create a Public REST Service and an endpoint called

2

Add an Endpoint Event Script to the endpoint with the following code:

var credentials = form.rest.readBasicAuthenticationCredentials();
if(credentials.getUsername() == "user" && credentials.getPassword()== "pwd"){
  log(“Authentication -  Success”);
}
else{
  //send back forbidden status
  form.rest.setStatus(403);
}
3

Test the endpoint . Set the Authentication to Basic and use the username ‘user’ and password ‘pwd’.

Previous PageNext Page

Current Module

REST Security
view
Introduction to REST Security
view
Basic Authentication
view
Digest Authentication
view
NTLM Authentication
view
OAuth 2.0
view
Securing a REST Service
REST Security in Code
view

Related

Documenting a REST Endpoint
view
REST Services
view
Introduction to REST Security
view
REST Security in Code
view
REST Security
view
Previous PageNext Page