How to restrict REST API method

Hi There,

I’m keen to ‘turn off’ some of the API endpoints (basically anything other than the service bean invoker).

I’ve been experimenting with changes to portal-security-spring.xml, such as:

… but these are not looking like they are having any affect.

Could you advise on how I could accomplish this?

Many thanks.

P.S. I should say that this is in the portal application.

In addition to modifications you’ve made, try to replace the following line:

<http pattern="/api/**" security="none"/>

with these lines:

<http pattern="/api/login" security="none"/>
<http pattern="/api/service**" security="none"/>

That looks like that’s done the trick! Thank you.

Small follow-on question if I may: how would I go about disabling the stack trace which appears in the 500 error page following a service invocation which has caused an error?

Try to set this property in the

Perfect, thank you