Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Possible bug Activiti-rest 5.15

yahekia
Champ in-the-making
Champ in-the-making

‎07-18-2014 09:05 AM

I have created a CustomRestAuthenticator because for the moment I do not want authentication.


package activiti.extension.rest;

import org.activiti.rest.common.filter.RestAuthenticator;
import org.restlet.Request;

public class CustomRestAuthenticator implements RestAuthenticator {

   public boolean requestRequiresAuthentication(Request request) {
       return false;
    }

   public boolean isRequestAuthorized(Request request) {
       return false;
    }

}



public class NoAuthenticationActivitiRestServicesApplication extends ActivitiRestServicesApplication {
   public NoAuthenticationActivitiRestServicesApplication() {
      super();
      this.setRestAuthenticator(new CustomRestAuthenticator());
   }

   @Override
   public String authenticate(Request request, Response response) {
      if (!request.getClientInfo().isAuthenticated()) {
         authenticator.challenge(response, false);
         return null;
      }
      return "KERMIT!";
   }
}


If I do not override the method authenticate throws a nullpointerexception.

Labels:
0 Kudos
3 REPLIES 3

trademak
Star Contributor
Star Contributor

‎07-21-2014 05:13 AM

In ActivitiRestServicesApplication there's an invocation of initializeAuthentication();
Did you override that? Otherwise authenticate will still be called.

Best regards,
0 Kudos

yahekia
Champ in-the-making
Champ in-the-making

‎07-21-2014 08:53 AM

Hello Tijs,

no, I do not override that. I follow the instructions in the user guide (http://www.activiti.org/userguide/#N12F8B).

boolean requestRequiresAuthentication(Request request): Called before a request is checked for authentication (valid username and password is passed in header). If this method returns true, the method needs authentication. If false is returned, the request will be done regardless of the request being authenticated. If false is returned, isRequestAuthorized will not be called either for this request.


I supossed that if I set it always to false, there was no need to be authenticated. So, is it wrong the user guide?

0 Kudos

jbarrez
Star Contributor
Star Contributor

‎07-25-2014 03:24 AM

Indeed, looking at the source code it seems the initializeAuthentication also must be overriden.
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2024 Khoros, LLC