Tuesday, February 23, 2016

Basic Authentication Hint for ADF BC REST

If you follow step by step ADF BC REST developer guide - 16.5 Granting Client Access to the ADF REST Resource, still you would not be able to implement basic authentication for the REST service. Thats because one step is missing, it is not described (and required setting is not auto generated by JDEV). In order to enable basic authentication for ADF BC REST service, you should manually define security constraint (based on context root) for RESTServlet resource.

When security is enforced for ADF BC REST project, and you are testing REST resource with authorization header (encoded username/password) - there will be authorization error - NotAuthorizedException (even with correct username/password):

If you encounter this error after configuring ADF Security for ADF BC REST project with the wizard. Do one extra step to declare security constraint manually - set /rest/* URL pattern for RESTServlet resource in web.xml:

Basic authentication will start to work:

Download sample application - ADFBCRestApp_v5.zip.

No comments: