Functionality available in the system since version 4.0.38.2
Query authorization
To authorize a query using the Basic Auth method, add a header to the query with an Authorization key and a value in the format Basic <encoded_login_data>, where the login data is the string <login>:<password> encoded in Base64.
Example in Postman application
Below are the steps performed when sending a request to the api/documents/classes endpoint using Basic Auth authorization in the Postman application:
- Add an Authorization header with a value for the example login user and password: Basic dXNlcjpwYXNzd29yZA==.
- We send the request and get the result in case:
- The login credentials were valid - HTTP 200 and the data in JSON format.
- The login credentials were invalid - HTTP 401 and the message "Authorization unsuccessful".
- The login credentials were valid - HTTP 200 and the data in JSON format.
Configure web.xml
If you have problems with Basic Auth query authorization, make sure you have the following entries in your web.xml file:
<filter> <filter-name>BasicAuthFilter</filter-name> <filter-class>com.suncode.pwfl.web.filter.BasicAuthFilter</filter-class> </filter>
<filter-mapping> <filter-name>BasicAuthFilter</filter-name> <url-pattern>/api/*</url-pattern> <url-pattern>/plugin/*</url-pattern> </filter-mapping>
The entries should be added before the <filter> and <filter-mapping> entries for the ActiveSessionFilter.