Re: Authenticator and Component XML configuration

Tue, 13 May 2014 22:29:24 -0700 

Hi Sergio,

I think you should attach a Restlet Application subclass to your default
host.

Inside this application, you can add a ChallengeAuthenticator filter, then
a Router and attach your four resources to this router.

If you want to do it all in XML, maybe you should consider using Spring XML
support instead which is more flexible/powerful.

Thanks,
Jerome
--
http://restlet.org
@jlouvel <http://twitter.com/#!/jlouvel>





On Tue, May 13, 2014 at 6:11 AM, Sergio <sertin...@gmail.com> wrote:

> Hello,
>
> I'm quite a newbie with restlet. I'm creating an application with this
> resources:
>
> /
> /apps
> /apps/{id}
> /apps/{id}/objects
>
> To attach the different URI to resources I have used the XML component
> configuration:
>
> <?xml version="1.0"?>
> <component xmlns="http://www.restlet.org/schemas/2.0/Component";
>         name="AndroPi RESTful server"
>         description="Configures NAT and output interface for nodes into
> the inner network"
>         owner="GRC UPV"
>         author="Sergio Martínez Tornell">
>         <client protocol="CLAP" />
>         <server protocol="HTTP" port="8080">
>                 <parameter name="tracing" value="true" />
>         </server>
>
>         <defaultHost>
>                 <attach uriPattern="/"
>
> targetClass="es.upv.grc.andropi.server.RootServerResource"/>
>                 <attach uriPattern="/apps"
>
> targetClass="es.upv.grc.andropi.server.AppsServerResource"/>
>                 <attach uriPattern="/apps/{appId}"
>                 targetClass="es.upv.grc.andropi.server.AppServerResource"/>
>                 <attach uriPattern="/apps/{appId}/objects"
>         targetClass="es.upv.grc.andropi.server.ObjectsServerResource"/>
> "
>         </defaultHost>
> </component>
>
> It works properly, but now I want to protect the /apps/{id} and
> /apps/{id}/objects from non-authorized users.
>
> I have read the book "Restlet in action" and the tutorials available on
> the website, but I can't find how to do it.
>
> How can I define a ChallengeAuthenticator to act as a filter to only come
> of my resources?
>
> Can I define the ChallengeAuthenticator only for som methods of my
> resources? for example to protect PUT or POST but keep GET public.
>
> Thank you very much.
> Sergio
>
> ------------------------------------------------------
>
> http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=3078257
>

------------------------------------------------------
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=3078316

Reply via email to