Support API Token security in REST layer #52
Comments
ghost
assigned
aslakknutsen
added a commit
that referenced
this issue
Aug 23, 2013
* POST, PUT, DELETE now require authentication * Change to use Twitter Sign In, instead of app authentication * Workaround AGOVA-53 When the Security Module is included in the deployment all REST services are locked down. This means any state changing methods will require authentication. The Security Module test-jar comes with a Arquillian Extension that will setup do a full authentication in AfterDeploy and setup RestAssured with a valid Http Session. This allow the conference, user, attachment REST Stories used as final functional tests in the Application to work with our without the Security Module included. The REST tests have no knowledge of the Security Module. Issue: #52
aslakknutsen
added a commit
that referenced
this issue
Aug 23, 2013
* POST, PUT, DELETE now require authentication * Change to use Twitter Sign In, instead of app authentication * Workaround AGOVA-53 When the Security Module is included in the deployment all REST services are locked down. This means any state changing methods will require authentication. The Security Module test-jar comes with a Arquillian Extension that will setup do a full authentication in AfterDeploy and setup RestAssured with a valid Http Session. This allow the conference, user, attachment REST Stories used as final functional tests in the Application to work with our without the Security Module included. The REST tests have no knowledge of the Security Module. Issue: #52
aslakknutsen
added a commit
that referenced
this issue
Aug 25, 2013
Avoid exposing secret data in logs etc. Issue: #52
|
Delay til 1. rev |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Integrate security with normal REST operations.
GET is open
PUT/POST/DELETE require auth.
Make sure auth is reflected in OPTIONS
The text was updated successfully, but these errors were encountered: