Menu
▾
▴
Re: [Unity-idm-discuss] custom servlet endpoint authentication
|
From: Krzysztof B. <go...@ic...> - 2015-01-21 22:05:54
|
Hi Terefang, W dniu 21.01.2015 o 19:26, Terefang Verigorn pisze: > i do need a rpc api on top of unity so i implemented an endpoint > (+factory+servlet) I guess that you want to have quick and easy implementation exposing the full Unity API remotely. However have you considered doing it different (and maybe looking bit harder at the first sight) way, i.e. extending the current REST admin endpoint? Adding couple of additional operations won't be much work. Such approach has the advantage of a cleaner API and proper control over on-the-wire contents. It is also somewhere on the horizon for the official Unity distro (and also all contributions are welcomed). > and hooked i up like this in unityServer.conf: > > ---- > unityServer.core.endpoints.11.endpointType=JsonRpc > unityServer.core.endpoints.11.endpointConfigurationFile=/etc/unity-idm/endpoints/jsonrpc.properties > unityServer.core.endpoints.11.contextPath=/rpc > unityServer.core.endpoints.11.endpointName=UNITY json-rpc endpoint > unityServer.core.endpoints.11.endpointRealm=defaultRealm > unityServer.core.endpoints.11.endpointAuthenticators=pwdRest > ---- > > i can reach the endpoint servlet, but any call to an unity api > (IdentitiesManagement, GroupsManagement, AttributesManagement) will > result in the following Exception: > > ---- > 2015-01-21 17:47:25,238 [qtp37986510-36] WARN > terefang.unity.contrib.jsonrpc.JsonRpcServlet - The current call has > no invocation context set [CUT] > it seams that the configured authentication methods do not get processed > and hence the api calls are unauthorized So AFAIU without looking at your code you try not only to create a new Unity endpoint, but also a new endpoint binding, which can be called "plain servlet" in your case. Your configuration is using restful authenticator but I'm afraid your endpoint is not restful (JAX-RS based)? This is much harder then creating a new endpoint for existing binding (which are Vaadin, Web Service with CXF and RESTful with JAX-RS). When going into this direction you have to implement the whole authentication logic for this binding, something you get for free when reusing an existing endpoint type. If you are really interested in this direction I can give you some hints, of course. Take care, Krzysztof |
