rest - Is returning different output based on authentication credentials RESTful? -

-

I have a REST API which allows the developer to fetch a certain resource: 

 < Code> / API / Project / API / Project / 4 ...   
 The API requires authentication. Authentication token has been added to the HTTP header.  
 Is a different output to be returned based on that user?  
 Thank you!   
 
 
 REST does not define anything in that regard  
 Should keep independent authentication logic and authorization logic.  
 There are really requirements, from which you want to change the changes returned based on various characteristics / standards such as:  
  •  Authentication type  
  •  Time  
  •  User Location  
  •  Device type ...   
     You can get it by using a filter in front of your REST service Filters / Interceptors are explained.  
     Then you can send an authorization request at a decision point which determines what can be returned based on the identity of the user (or other characteristics).  
     For example, if you can argue to return a project to a user, if and if they are related to the same area, the endpoint of the other will still be / API / project but the content returned is authZ logic Will vary on the basis of Take a look at XACML and ALFA to apply that layer.  
     HH   

     




  
    •

    Comments

    Post a Comment

    Popular posts from this blog

    java - ImportError: No module named py4j.java_gateway -

    -
    I'm trying to call the Python using the Java program py4j . I've been installing the plug-in Eclipse and test name Piidvi project. I'm trying to execute the following part of the code found on py4j webpage: Import from py4j.java_gateway to JavaGateway, java_import gateway = JavaGateway () jvm = gateway.jvm java_import (jvm, '' Org.eclipse Kkorkrisorsej. * ") Vrkspes_rut = Jvankresourkesplginkgetvrkspas (). GetRoot (Gateway .help (workspace_root, '* Projects *') project_names = [project.getName () (for projects workpace_root.getProjects))] print (Projekt_nam) But I There is an error in import. I have checked that the P4JJ is present in the Jar Eclipse plugin directory. Can anyone help please? I had to install the py4j application
    Read more

    python - Receiving "KeyError" after decoding json result from url -

    -
    I am new to Python I am trying to parse JSON result from a URL. Basically, I was using the following: response = urllib.request.urlopen (url) json_obj = json.load (response) It should be a stroke "str 'not' bytes' in the lines of a given" JSON object, so after searching on the StackoverView Flo, I decode the response in this way: F = urllib.request.urlopen (Url) charset = f.info (). Get_param ('charset', 'utf8') data = f.read () decoded = json.loads (data.decode (charset)) If I print "decode" I is as follows: { 'link': { 'summary data': 'https: // localhost / piwebapi / streams / p0_7qHaW4UHU-RlCaz8tpasAAQAAAAU0hJTExNQU42NDIwXFNJTlVTT0lE / summary' 'value': 'https: // localhost / Piwebapi / streams / P0_7qHaW4UHU-RlCaz8tpasAAQAAAAU0hJTExNQU42NDIwXFNJTlVTT0lE / price ',' InterpolatedData ':' https: // localhost / Piwebapi / streams / P0_7qHaW4UHU-RlCaz8tpasAAQAAAAU0hJTE...
    Read more

    .net - Creating a new Queue Manager and Queue in Websphere MQ (using C#) -

    -
    "itemprop =" text "> I am writing applications that use WebSphere MQ to send messages. My unittests (for flow), I want to verify that I have put the correct message on the response queue. I am trying to figure out how to do this. My main obstacle is that I think it might be scary to clear the queue before running in my queue because the same queue can be used by other applications, I thought a decent solution would be a new line The manager will remove the queue for my solidarity and after using it. So my question is: Is it possible to use C # by using queue manager and queue? After the For future reference and future people, who want to make queues. I thought how to make and remove IBM MQ QE (not quenhers) with PCM messaging. It is not very simple, but it can be done. We have implemented it in a library and it is being used to create and delete commands before and after integration tests. The most important part of the code in this library is shown in the...
    Read more