joelburke Trusted Contributor.
Trusted Contributor.
76 views

REST web service authorization in UA 4.7.2

I am finally able to call the the rest web services. The last little nugget that I didn't find documented was adding password to com.netiq.rbpm.response-types in ism-configuration.properties. The rest apis also do not work for uadmin, but I'm okay with that for now. I assume it might be because of the basedn used to search for the user.

Anyways, my issue now is how do I control authorization to these REST web services? I've been testing with two different user who have different rights. Some REST services are blocked for my "standard" user, but others are not and I can't seem to find the reason. The SOAP call authorizations were controlled through config files. For example, authorization to the SOAP calls to the Role service were controlled by modifying the Role-Service-conf/config.xml file. I use the word "controlled" loosely. You can only open up particular services to only admin or all users. Access to the services really needs to be per user or group or something that allows for more fine grained control.

Does anybody know how to authorize access to individual REST web services?

Thanks.
Labels (1)
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.