Authentication to your web service

A custom connector for a particular web service needs some mechanism to authenticate HTTP requests. The REST framework handles many standard authentication schemes for you; the REST Client connector's connection tab describes them in detail. The REST framework selects the authentication scheme in a very specific way that assumes standard fields are used in the connector-descriptor.xml file, but you can override this behavior. Typically a web service allows only a subset of authentication schemes, so it is imperative to develop a REST connector that supports those. If the target web service allows authentication with one of the standard schemes, it may be enough to configure the connector-descriptor.xml file to include the appropriate authentication schemes.

Let's assume that the service allows OAuth 2.0 with the Client Credentials grant type and basic user authentication. In this case, your descriptor file looks like:

Sample connector-descriptor.xml file
<GenericConnectorDescriptor>

    <field id="auth" label="Authentication Type" type="string">
        <allowedValue label="Basic">
            <value>BASIC</value>
        </allowedValue>
        <allowedValue label="OAuth 2.0">
            <value>OAUTH2</value>
        </allowedValue>
    </field>

    <field id="username" label="User" type="string">
        <helpText>The username to authenticate with.</helpText>
        <visibilityCondition>
            <valueCondition fieldId="auth">
                <value>BASIC</value>
            </valueCondition>
        </visibilityCondition>
    </field>

    <field id="password" label="Password" type="password">
        <helpText>The password for authenticating the user.</helpText>
        <visibilityCondition>
            <valueCondition fieldId="auth">
                <value>BASIC</value>
            </valueCondition>
        </visibilityCondition>
    </field>

    <field id="preemptive" label="Preemptive authentication" type="boolean">
        <defaultValue>false</defaultValue>
    </field>

    <field id="oauthContext" label="OAuth 2.0" type="oauth">
        <oauth2FieldConfig>
            <grantType access="hidden">
                <allowedValue label="Client Credentials">
                    <value>client_credentials</value>
                </allowedValue>
            </grantType>
        </oauth2FieldConfig>
    </field>

</GenericConnectorDescriptor>

The field ids are special and are handled in the framework explicitly.
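Because the framework keys on these ids, a descriptor that drifts from them (for example a password declared as a plain string, or credential fields left behind for a scheme that `auth` no longer offers) is worth catching at review time. The following check is an added example, not part of the connector SDK; the id-to-type table is an assumption copied from the sample above rather than an authoritative framework list, and the descriptor is assumed to carry no XML namespace, as in the sample.

```python
import xml.etree.ElementTree as ET

# Field ids and types exactly as they appear in the sample descriptor on this page.
# Assumption: this is not an authoritative list of what the framework recognises.
REQUIRED = {
    "BASIC": {"username": "string", "password": "password"},
    "OAUTH2": {"oauthContext": "oauth"},
}

def lint_descriptor(xml_text):
    """Return a list of findings for the auth-related fields of a descriptor."""
    root = ET.fromstring(xml_text)
    fields = {f.get("id"): f for f in root.iter("field")}
    auth = fields.get("auth")
    if auth is None:
        return ["no field with id 'auth': authentication type cannot be selected"]
    findings = []
    schemes = [v.text.strip() for v in auth.findall("allowedValue/value") if v.text]
    for scheme in schemes:
        if scheme not in REQUIRED:
            findings.append(f"auth value {scheme!r} is not one of the sample's schemes")
            continue
        for fid, ftype in REQUIRED[scheme].items():
            field = fields.get(fid)
            if field is None:
                findings.append(f"{scheme} is offered but field {fid!r} is missing")
            elif field.get("type") != ftype:
                findings.append(f"field {fid!r} has type {field.get('type')!r}, expected {ftype!r}")
    # Fields for a scheme that 'auth' does not offer are dead configuration.
    for scheme, needed in REQUIRED.items():
        if scheme not in schemes:
            findings += [f"field {fid!r} present but {scheme} is not offered"
                         for fid in needed if fid in fields]
    return findings

# Constructed input: Basic only, with the password declared as a plain string.
SAMPLE = """<GenericConnectorDescriptor>
  <field id="auth" label="Authentication Type" type="string">
    <allowedValue label="Basic"><value>BASIC</value></allowedValue>
  </field>
  <field id="username" label="User" type="string"/>
  <field id="password" label="Password" type="string"/>
  <field id="oauthContext" label="OAuth 2.0" type="oauth"/>
</GenericConnectorDescriptor>"""

if __name__ == "__main__":
    for finding in lint_descriptor(SAMPLE):
        print(finding)
```
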

If your web service accepts only one type of authentication mechanism, you can either handle this in the descriptor or override the getAuthenticationType method of the RestOperationConnection class.

Let’s assume your web service allows users to authenticate with only user credentials. Your RestOperationConnection class looks like:

Sample RestOperationConnection class
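// RestOperationConnection and AuthenticationType come from the REST framework;
// OperationContext comes from the connector SDK. Import them from your SDK version.
public class SampleRestOperationConnection extends RestOperationConnection {

    public SampleRestOperationConnection(OperationContext context) {
        super(context);
    }

    // Always use basic authentication, whatever the descriptor's "auth" field says.
    @Override
    public AuthenticationType getAuthenticationType() {
        return AuthenticationType.BASIC;
    }
}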