deegree3 icon indicating copy to clipboard operation
deegree3 copied to clipboard

Published 20 hours ago verified publisher icon deegree

Added ApiKey/Token authentication

Open dstenger opened this issue 3 years ago • 2 comments

Enables authentication via X-API-Key when REST interface is used.

dstenger avatar Sep 17 '21 19:09 dstenger

A few small remarks:

  • Documentation is missing.
  • Having a read-only workspace configuration implicitly disables access to the API.
  • ConfigServlet.token is a static field. It should be non static and initialized in the init method.

copierrj avatar Jul 13 '22 15:07 copierrj

In addition, there is the question of how this should be handled in the context of the existing protection for deegree rest-api.

https://github.com/deegree/deegree3/blob/92ac14c2fc67784b06507cf11b4c4a8fd5939bf9/deegree-services/deegree-webservices/src/main/webapp/WEB-INF/web.xml#L78-L96

stephanr avatar Jul 13 '22 15:07 stephanr

I am closing this in favor of the reworked #1498

stephanr avatar May 12 '23 13:05 stephanr