REST API (Restful Objects Viewer) latest

- latest
Committers' Guide
- latest
Contributors' Guide
- latest
Design Docs
- latest
Extensions
- latest
GraphQL Viewer
- latest
Incubator Catalog
- latest
JDO/DataNucleus
- latest
JPA
- latest
Reference Guide
- latest
regressiontests
- latest
Release Notes
- latest
REST API (Restful Objects Viewer)
- latest
Security Guide
- latest
Setup Guide
- latest
Testing Guide
- latest
Tutorials
- latest
User Guide
- latest
Value Types Catalog
- latest
Web UI (Wicket Viewer)
- latest

Security

The REST API (Restful Objects viewer) does not provide a login page. Instead it defines the authentication strategy SPI, delegated to by a filter. (For more detail on how this is wired together, see the implementation of the WebModuleJaxrsResteasy web module service).

The SPI is:

AuthenticationStrategy

where the returned InteractionContext represents a signed-on user.

The strategy is defined using this configuration property:

causeway.viewer.restfulobjects.authentication.strategy-class-name

The framework currently provides only HTTP Basic Auth support as a simple implementation, this is also the default strategy if none is explicitly configured.