Authorization with Restlet JAX-RS Extension

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Authorization with Restlet JAX-RS Extension

Furkan KAMACI
I have an application which uses restlet 2.2 and JAX-RS extension which can provide authentication. However I couldn't add authorization to it. This is my code which is in a class that extended from  javax.ws.rs.core.Application:

    Context childContext = component.getContext().createChildContext();
    JaxRsApplication application = new JaxRsApplication(childContext);
    application.add(this);
    application.setStatusService(new ErrorStatusService());
    childContext.getAttributes().put(NUTCH_SERVER, this);
 
    ChallengeAuthenticator challengeGuard = new ChallengeAuthenticator(null, ChallengeScheme.HTTP_BASIC, "REST API Realm");

    //Create in-memory users with roles
    MemoryRealm realm = new MemoryRealm();
    User user = new User("user", "user");
    realm.getUsers().add(user);
    realm.map(user, Role.get(null, ""));
    User owner = new User("admin2", "nutch");
    realm.getUsers().add(owner);
    realm.map(owner, Role.get(null, "admin"));

    //Attach verifier to check authentication and enroler to determine roles
    challengeGuard.setVerifier(realm.getVerifier());
    challengeGuard.setEnroler(realm.getEnroler());
    challengeGuard.setNext(application);

My resource classes are annotiated with @Path annotation as well. How can I add role based authentication into it?

--
You received this message because you are subscribed to the Google Groups "Restlet Framework (Discuss)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].