CODEWITHSUNDEEP
restjaxbjax-rsrestletbasic-authentication
Naftuli Kay
Naftuli Kay

Reputation: 91860

HTTP Basic Authentication in Restlet with a JAXRS Application?

I'm trying to authenticate access to all resources on my server via HTTP Basic authentication. Currently, my setup looks like this when starting the server:

this.component = new Component();
this.server = this.component.getServers().add(Protocol.HTTP, 8118);

JaxRsApplication application = new JaxRsApplication(component.getContext()
        .createChildContext());
application.add(new RestletApplication());

ChallengeAuthenticator authenticator = new ChallengeAuthenticator(
        this.component.getContext(), 
        ChallengeScheme.HTTP_BASIC, "test");        
authenticator.setVerifier(new ApplicationVerifier());

this.component.getDefaultHost().attachDefault(authenticator);
this.component.getDefaultHost().attach(application);
this.component.start();

Here's my RestletApplication:

import java.util.HashSet;
import java.util.Set;

import javax.ws.rs.core.Application;

public class RestletApplication extends Application {

    @Override
    public Set<Class<?>> getClasses() {
        Set<Class<?>> classes = new HashSet<Class<?>>();
        classes.add(TestResource.class);
        return classes;
    }
}

Here's my ApplicationVerifier:

import java.util.HashMap;
import java.util.Map;

import org.restlet.security.LocalVerifier;

public class ApplicationVerifier extends LocalVerifier {

    private Map<String, char[]> localSecrets = new HashMap<String, char[]>();

    public ApplicationVerifier() {
        this.localSecrets.put("username", "password".toCharArray());
    }

    @Override
    public char[] getLocalSecret(String key) {
        if (this.localSecrets.containsKey(key))
            return this.localSecrets.get(key);

        return null;
    }
}

Finally, here's my TestResource:

import java.util.*;

import javax.ws.rs.GET;
import javax.ws.rs.Path;

@Path("test")
public class TestResource {

    @GET
    @Path("list")
    public TestList getTestList() {
        return makeTestList();
    }
}

However, I'm not seeing any prompt or requirement for authentication when I try to access the resource. What am I doing wrong? I'm not having any issues with marshalling and unmarshalling items and I'm sure that my resource is getting hit with requests. What am I not doing right?

Upvotes: 3

Views: 1327

Answers (1)

Naftuli Kay
Naftuli Kay

Reputation: 91860

According to the JavaDocs for JaxRsApplication, an authenticator can be set using the following code before starting things up:

((JaxRsApplication)application).setGuard((Authenticator)authenticator);

Do that, and all requests will fly through your authenticator :)

Upvotes: 3

Related Questions