I would do something like this in my DispatchPf:
{
case RequestState("api" :: _, _, ) if !goodAuthHeader => return 401
case RequestSate(....) ....
}
So, the first pattern matches any API request (anything to "/api/...."). It
tests for a good auth header (this is where your code pulls the auth header,
inspects it against the RDBMS). If the auth fails, you return a 401 and
none of the other cases are tested.
Thanks,
David
On Sun, Nov 9, 2008 at 5:52 AM, Tim Perrett <[EMAIL PROTECTED]> wrote:
>
>
> > For standard HTML pages or for for REST (Dispatch) or for both?
>
> Sure, for REST dispatch. For instance, listing users and there details
> would be restricted functionality which requires authentication.
> >
>
--
Lift, the simply functional web framework http://liftweb.net
Collaborative Task Management http://much4.us
Follow me: http://twitter.com/dpp
Git some: http://github.com/dpp
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Lift" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/liftweb?hl=en
-~----------~----~----~----~------~----~------~--~---
