Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/pashashiz/webserver-security-prompt
https://github.com/pashashiz/webserver-security-prompt
Last synced: 1 day ago
JSON representation
- Host: GitHub
- URL: https://github.com/pashashiz/webserver-security-prompt
- Owner: pashashiz
- Created: 2016-02-05T15:35:02.000Z (almost 9 years ago)
- Default Branch: master
- Last Pushed: 2016-02-05T15:39:54.000Z (almost 9 years ago)
- Last Synced: 2024-04-17T22:56:59.574Z (7 months ago)
- Language: Java
- Size: 8.79 KB
- Stars: 0
- Watchers: 2
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
#### Browser client
Just use from to login as global user (admin:admin if you have that user on your app server):
```
http://localhost:2020/webserver-security-test/
```
Try to access secured `vdr` adapter and prompt vdr:vdr:
```
http://localhost:2020/webserver-security-test/adapter?name=vdr
```
Try to access secured `cmis` adapter and prompt cmis:cmis:
```
http://localhost:2020/webserver-security-test/adapter?name=cmis
```
Go back and check what repositories you can access to:
```
http://localhost:2020/webserver-security-test/
```
#### Native client
Login globally, for example with user admin:admin just run:
```
curl --verbose --header "authorization: Basic YWRtaW46YWRtaW4=" \
http://localhost:2020/webserver-security-test/
```
And there is a response:
```
HTTP/1.1 200 OK
Hello [admin], you have global access
```
Let's try access a secured `vdr` adapter without credentials:
```
curl --verbose --header "authorization: Basic YWRtaW46YWRtaW4=" \
http://localhost:2020/webserver-security-test/adapter?name=vdr
```
And there is a response:
```json
{
"code": 401,
"message": "Unauthorized",
"details": [
{
"@type": "AdapterUnauthorizedErrorDetail",
"message": "Unauthorized adapter access",
"adapter": "vdr",
"authorization": "Basic"
}
]
}
```
As you see the `vdr` adapter needs its own credentials in Basic form, let's just add a new header
`authorization-adapter-vdr` and use user vdr:vdr:
```
curl --verbose --header "authorization: Basic YWRtaW46YWRtaW4=" \
--header "authorization-adapter-vdr: Basic dmRyOnZkcg==" \
http://localhost:2020/webserver-security-test/adapter?name=vdr
```
And there is a response:
```
HTTP/1.1 200 OK
Hello [vdr], you have an access to [vdr] adapter
```