Holon platform examples: JAX-RS Authentication and Authorization using Spring Boot

This is one of the Holon Platform example projects.

This example shows how to set up RESTful server and client applications using the Spring Boot support of the Holon Platform JAX-RS module, and how to enable authentication and authorization using the HTTP Basic scheme.

Topics

This example addresses the following topics:

  • Configure JAX-RS resources authentication using the @Authenticate annotation and a Realm as backend.
  • Configure JAX-RS resources authorization using javax.annotation.security.* annotations.
  • Set up a JAX-RS client using a RestClient and perform invocations with the HTTP Basic Authorization header.

Example structure

The ProtectedEndpoint class represents a protected API endpoint, using the @Authenticate annotation to require authentication to access the endpoint operation methods.

Each method is annotated with a javax.annotation.security.* annotation to enable role-based authorization control for the API operation represented by the method.

The authentication and authorization strategy is implemented using a Holon Platform Realm structure, configured with the following components:

  • An HTTP Basic scheme AuthenticationTokenResolver, which processes request messages and extracts a suitable authentication token;
  • An Account Authenticator based on an AccountProvider class, which supplies the account information and uses the authentication token described above to perform account authentication.

Thanks to the Holon Platform Spring Boot support, the Realm bean is automatically detected by the JAX-RS authentication feature, which is automatically registered in the JAX-RS server application and triggered when the @Authenticate annotation is found on a JAX-RS resource class or method.

If message authentication fails, a 401 - Unauthorized response HTTP code is returned. If method role-based authorization control is not successful, a 403 - Forbidden response HTTP code is returned.

The Client unit test class performs a set of API operations using a default RestClient instance obtained through the forTarget() method. This method creates a default RestClient implementation, relying on the available RestClientFactory implementations (in this example, a standard platform JAX-RS Client based implementation is created), and sets a default base target URI.

The client authentication credentials are provided using the RestClient authorizationBasic(username, password) request configuration method, which sets an HTTP Authorization header, using the Basic scheme, for the request.

Documentation

The complete Holon Platform reference guide is available here.

For the specific documentation about the modules and the components used in this example see:

System requirements

The Holon Platform is built using Java 8, so you need a JRE/JDK version 8 or above to build and run this example project.

License

All the Holon Platform modules and examples are Open Source software released under the Apache 2.0 license.

Holon Platform Examples

See Holon Platform Examples for the examples directory.