DropwizardOpenID icon indicating copy to clipboard operation
DropwizardOpenID copied to clipboard
verified publisher icon gary-rowe

Correct behaviour from unauthenticated curl request?

Open gary-rowe opened this issue 12 years ago • 0 comments

From Ken Yee via email:

Have you ever tried doing "curl" on a secured REST API like this with your github openid dropwizard project?

    @GET
    @Timed
    @CacheControl(noCache = true)
    public List<Event> getEvents(
            @RestrictedTo(Authority.ROLE_PUBLIC) User publicUser) {
    }

curl http://localhost:8080/user/events actually returns the basemodel like this:

  {"model":{"user":null,"markdownHtml":"<h1>Markdown: Syntax</h1><p>This text is lifted from <....}}

when you don't send the authentication credentials http header.

If you're authenticated, it returns the proper json data (the event objects).

gary-rowe avatar Dec 04 '13 21:12 gary-rowe