This is one of the Holon Platform example projects.
This example shows how to set up RESTful server and client applications using the Holon platform JAX-RS module Spring Boot support, and enable authentication and authorization using the HTTP Basic scheme.
This example addresses the following topics:
- Configure JAX-RS resources authentication using the @Authenticate annotation and a Realm as backend.
- Configure JAX-RS resources authorization using javax.annotation.security.* annotations.
- Setup a JAX-RS client using a RestClient and perform invocations with the HTTP Basic Authorization header.
The ProtectedEndpoint class represents a protected API endpoint, using the @Authenticate annotation to require authentication to access the endpoint operation methods.
Each method is annotated with a javax.annotation.security.* annotation to enable role-based authorization control for the API operation represented by the method.
The authentication and authorization strategy is implemented using a Holon Platform Realm structure, configured with the following components:
- An HTTP Basic scheme AuthenticationTokenResolver, to process request messages and extract a suitable authentication token;
- An Account Authenticator based on an AccountProvider class, used to obtain the account information, which uses the authentication token described above to perform account authentication.
Thanks to the Holon Platform Spring Boot support, the Realm bean is automatically detected by the JAX-RS authentication feature, which is automatically registered in the JAX-RS server application and triggered when the @Authenticate annotation is found on a JAX-RS resource class or method.
If message authentication fails, a 401 - Unauthorized response HTTP code is returned. If method role-based authorization control is not successful, a 403 - Forbidden response HTTP code is returned.
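The following is an added, framework-independent sketch of the flow described above; it is not code from the example project and does not use the Holon API. It uses only the JDK to show what the Basic Authorization header carries (a reversible Base64 encoding of username:password) and how the 401 and 403 outcomes are separated. The class name, accounts and roles are constructed for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Base64;
import java.util.HashMap;
import java.util.Map;

public class BasicAuthFlow {
    // Constructed sample accounts (username -> {password, role}); real stores keep password hashes.
    static final Map<String, String[]> ACCOUNTS = new HashMap<>();
    static {
        ACCOUNTS.put("alice", new String[] {"alice-pwd", "ADMIN"});
        ACCOUNTS.put("bob", new String[] {"bob:pwd", "USER"}); // password containing ':'
    }

    // Client side: value of the Authorization header for the Basic scheme.
    static String basicHeader(String user, String password) {
        byte[] raw = (user + ":" + password).getBytes(StandardCharsets.UTF_8);
        return "Basic " + Base64.getEncoder().encodeToString(raw);
    }

    // Server side: HTTP status for a request to an operation restricted to requiredRole.
    static int check(String authorization, String requiredRole) {
        if (authorization == null || !authorization.regionMatches(true, 0, "Basic ", 0, 6)) return 401;
        String decoded;
        try {
            decoded = new String(Base64.getDecoder().decode(authorization.substring(6).trim()), StandardCharsets.UTF_8);
        } catch (IllegalArgumentException malformedBase64) {
            return 401;
        }
        int sep = decoded.indexOf(':'); // split on the first colon only: the password may contain ':'
        if (sep < 0) return 401;
        String[] account = ACCOUNTS.get(decoded.substring(0, sep));
        byte[] given = decoded.substring(sep + 1).getBytes(StandardCharsets.UTF_8);
        // Unknown users are compared against an empty secret so both paths run the comparison.
        byte[] expected = (account != null ? account[0] : "").getBytes(StandardCharsets.UTF_8);
        if (!(MessageDigest.isEqual(given, expected) & account != null)) return 401; // authentication failed
        return requiredRole.equals(account[1]) ? 200 : 403; // authenticated; 403 when the role is missing
    }

    public static void main(String[] args) {
        System.out.println(check(basicHeader("alice", "alice-pwd"), "ADMIN")); // valid credentials and role
        System.out.println(check(basicHeader("bob", "bob:pwd"), "USER"));      // password with a colon
        System.out.println(check(basicHeader("bob", "bob:pwd"), "ADMIN"));     // authenticated, wrong role
        System.out.println(check(basicHeader("alice", "wrong"), "ADMIN"));     // wrong password
        System.out.println(check(null, "ADMIN"));                              // no Authorization header
    }
}
```

Because the header value can be decoded by anyone who observes the request, Basic authentication should only be used over TLS.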
The Client unit test class performs a set of API operations using a default RestClient instance obtained through the forTarget() method, which creates a default RestClient implementation relying on the available RestClientFactory implementations (in this example, a standard platform JAX-RS Client based implementation will be created) and setting a default base target URI.
The client authentication credentials are provided using the RestClient authorizationBasic(username, password) request configuration method, which sets up an HTTP Authorization header, using the Basic scheme, for the request.
The complete Holon Platform reference guide is available here.
For the specific documentation about the modules and the components used in this example see:
- Holon platform Authentication and Authorization architecture documentation
- Holon platform JAX-RS module reference documentation
The Holon Platform is built using Java 8, so you need a JRE/JDK version 8 or above to build and run this example project.
All the Holon Platform modules and examples are Open Source software released under the Apache 2.0 license.
See Holon Platform Examples for the examples directory.