topic Re: Possible bug Activiti-rest 5.15 in Alfresco Archive

Possible bug Activiti-rest 5.15

yahekia — Fri, 18 Jul 2014 13:05:49 GMT

I have created a CustomRestAuthenticator because for the moment I do not want authentication.package activiti.extension.rest;import org.activiti.rest.common.filter.RestAuthenticator;import org.restlet.Request;public class CustomRestAuthenticator implements RestAuthenticator { public boolean reques

Re: Possible bug Activiti-rest 5.15

trademak — Mon, 21 Jul 2014 09:13:04 GMT

In ActivitiRestServicesApplication there's an invocation of initializeAuthentication();
Did you override that? Otherwise authenticate will still be called.

Best regards,

Re: Possible bug Activiti-rest 5.15

yahekia — Mon, 21 Jul 2014 12:53:04 GMT

Hello Tijs,

no, I do not override that. I follow the instructions in the user guide (http://www.activiti.org/userguide/#N12F8B).

boolean requestRequiresAuthentication(Request request): Called before a request is checked for authentication (valid username and password is passed in header). If this method returns true, the method needs authentication. If false is returned, the request will be done regardless of the request being authenticated. If false is returned, isRequestAuthorized will not be called either for this request.

I supossed that if I set it always to false, there was no need to be authenticated. So, is it wrong the user guide?

Re: Possible bug Activiti-rest 5.15

jbarrez — Fri, 25 Jul 2014 07:24:14 GMT

Indeed, looking at the source code it seems the initializeAuthentication also must be overriden.