User 8c93b1d06c
30-10-2013 06:09:53
The "JChem Web Services: Reloaded" presentation by Gabor Guta shows a roadmap for the Rest Webservices product that includes Authentication/ACL by the 6.1 release. Has this functionality been released? If so where is it documented? If not is it still in the roadmap or are we expected to roll our own authentication for the webservices?
ChemAxon e07e2a364b
31-10-2013 12:15:29
Hi,
we added capability for authentication, but it is heavily based on spring security. We can help you in the configuration. No ACL functionality is implemented as current customers showed no interest of this functionality. So, it is on the road map, but has no high priority. If such feature is crucial for you, could you write a bit more details about your needs.
Gabor
User 8c93b1d06c
31-10-2013 23:43:02
Gabor,
Can you provide instructions or pointers to the documentation on how to set up authentication using Spring Security? Does this work with Spring Security OAuth as well? I mainly want to limit access between a guest user and administrative level user. I would like to limit the guest to only a few REST API calls.
--Michael
ChemAxon e07e2a364b
04-11-2013 13:12:12
We are going to provide a configuration guide for these options. I sent you the preliminary version in e-mail. (I will link in the forum if it will publicly released)
ChemAxon e07e2a364b
14-11-2013 08:04:38
You can achieve this by modifying the http section of the spring security setting file. You have to add intercept-url lines with an URL pattern referencing to the search URL with access rights to all authenticated user. Then add intercept-url lines to the rest of the app (*) requiring admin role. Please, let me know whether you need further assistance.
Gabor