Hi Everyone,
We are integrating CUBA application with Kong. At Kong we have plugins that will integrate with IDP and authorize the request. After authorization, request will be passed to custom REST controller created under portal. In custom REST controller we want to enable only basic authentication using the user name and default password.
Could you please help me in understanding how only basic authentication can be added to the custom REST controller.
Thanks in advance for the support.
Hi,
Is REST API add-on included into your application? Or you just use Spring MVC controller without REST API add-on?
Hi Maxim,
Thanks for the reply. We are using CUBA platform version 7.0.12 and I have written custom REST controller using Creating Custom OAuth2 Protected Controllers - CUBA Platform. Developer’s Manual
Then, I think, you may replace the following filters from your endpoints security configs:
<custom-filter ref="resourceFilter" before="PRE_AUTH_FILTER"/>
<custom-filter ref="cuba_AnonymousAuthenticationFilter" after="PRE_AUTH_FILTER"/>
resourceFilter checks the Bearer token provided by the REST API add-on. You don’t need this behavior as I understand. You may try to write your own filter that will check the Authorization header from the request and include this filter into security configuration.