Hi Jan, The reason that the REST interface is a separate web application is so you can protect it in the manner of your choice, within the context of the application server. It was written before there were any particular standards for authentication of REST web services.
If you have an idea how you'd like to see the REST API authenticated natively, please open a ticket so that we discuss this further. Thanks, Karl On Mon, Mar 30, 2015 at 11:12 AM, Jan van Haarst <[email protected]> wrote: > Hello all, > > At > http://manifoldcf.apache.org/release/trunk/en_US/programmatic-operation.html > there is a description of a REST interface to Manifold CF. > This works very nice, I use it to fill the system with jobs, which saves > me a lot of manual entry when testing. > > One thing bothers me though, out of the box it looks like there is no > authentication necessary, and I also can't seem to find where to set it so > that it does ask for credentials. > Is this a security leak , or is my configuration missing a keyword ? > > -- > Dag, > Jan >
