manifoldcf-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Karl Wright <daddy...@gmail.com>
Subject Re: Setting up authentication for the REST interface ?
Date Tue, 31 Mar 2015 00:51:15 GMT
I've created CONNECTORS-1177 to track this issue.  Offhand I think it is
straightforward to add some degree of session login support.

Karl

On Mon, Mar 30, 2015 at 12:00 PM, Karl Wright <daddywri@gmail.com> wrote:

> Hi Jan,
>
> The reason that the REST interface is a separate web application is so you
> can protect it in the manner of your choice, within the context of the
> application server.  It was written before there were any particular
> standards for authentication of REST web services.
>
> If you have an idea how you'd like to see the REST API authenticated
> natively, please open a ticket so that we discuss this further.
>
> Thanks,
> Karl
>
>
> On Mon, Mar 30, 2015 at 11:12 AM, Jan van Haarst <jan@vanhaarst.net>
> wrote:
>
>> Hello all,
>>
>> At
>> http://manifoldcf.apache.org/release/trunk/en_US/programmatic-operation.html
>> there is a description of a REST interface to Manifold CF.
>> This works very nice, I use it to fill the system with jobs, which saves
>> me a lot of manual entry when testing.
>>
>> One thing bothers me though, out of the box it looks like there is no
>> authentication necessary, and I also can't seem to find where to set it so
>> that it does ask for credentials.
>> Is this a security leak , or is my configuration missing a keyword ?
>>
>> --
>> Dag,
>> Jan
>>
>
>

Mime
View raw message