Tuesday, February 23, 2016

Basic Authentication Hint for ADF BC REST

If you follow step by step ADF BC REST developer guide - 16.5 Granting Client Access to the ADF REST Resource, still you would not be able to implement basic authentication for the REST service. Thats because one step is missing, it is not described (and required setting is not auto generated by JDEV). In order to enable basic authentication for ADF BC REST service, you should manually define security constraint (based on context root) for RESTServlet resource.

When security is enforced for ADF BC REST project, and you are testing REST resource with authorization header (encoded username/password) - there will be authorization error - NotAuthorizedException (even with correct username/password):


If you encounter this error after configuring ADF Security for ADF BC REST project with the wizard. Do one extra step to declare security constraint manually - set /rest/* URL pattern for RESTServlet resource in web.xml:


Basic authentication will start to work:


Download sample application - ADFBCRestApp_v5.zip.

3 comments:

Razvan Brais said...

Hey Andrejus,
Thanks for your presentation , it helped me with the GET method.
But when I invoke POST , I`m still receiving this error : oracle.adf.internal.model.rest.core.exception.NotAuthorizedException: Not authorized. Operation: create
In my project I have made all the settings , but still cannot post any info.
Can you please help me?
Thanks,
Razvan

Razvan Brais said...

Solved the problem. Now , I have another problem. I can`t call custom method. It gives me this error : JBO-27511 at "name" attribute.

Razvan Brais said...

It was a problem of the Content-Type value : instead of application/vnd.oracle.adf.action+json I used application/vnd.oracle.adf.resourceitem+json . Now it works fine.
Thank you.