manifoldcf-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Karl Wright <daddy...@gmail.com>
Subject Re: Setting up authentication for the REST interface ?
Date Mon, 30 Mar 2015 16:00:00 GMT
Hi Jan,

The reason that the REST interface is a separate web application is so you
can protect it in the manner of your choice, within the context of the
application server.  It was written before there were any particular
standards for authentication of REST web services.

If you have an idea how you'd like to see the REST API authenticated
natively, please open a ticket so that we discuss this further.

Thanks,
Karl


On Mon, Mar 30, 2015 at 11:12 AM, Jan van Haarst <jan@vanhaarst.net> wrote:

> Hello all,
>
> At
> http://manifoldcf.apache.org/release/trunk/en_US/programmatic-operation.html
> there is a description of a REST interface to Manifold CF.
> This works very nice, I use it to fill the system with jobs, which saves
> me a lot of manual entry when testing.
>
> One thing bothers me though, out of the box it looks like there is no
> authentication necessary, and I also can't seem to find where to set it so
> that it does ask for credentials.
> Is this a security leak , or is my configuration missing a keyword ?
>
> --
> Dag,
> Jan
>

Mime
View raw message