I've created CONNECTORS-1177 to track this issue. Offhand I think it is straightforward to add some degree of session login support.
Karl On Mon, Mar 30, 2015 at 12:00 PM, Karl Wright <[email protected]> wrote: > Hi Jan, > > The reason that the REST interface is a separate web application is so you > can protect it in the manner of your choice, within the context of the > application server. It was written before there were any particular > standards for authentication of REST web services. > > If you have an idea how you'd like to see the REST API authenticated > natively, please open a ticket so that we discuss this further. > > Thanks, > Karl > > > On Mon, Mar 30, 2015 at 11:12 AM, Jan van Haarst <[email protected]> > wrote: > >> Hello all, >> >> At >> http://manifoldcf.apache.org/release/trunk/en_US/programmatic-operation.html >> there is a description of a REST interface to Manifold CF. >> This works very nice, I use it to fill the system with jobs, which saves >> me a lot of manual entry when testing. >> >> One thing bothers me though, out of the box it looks like there is no >> authentication necessary, and I also can't seem to find where to set it so >> that it does ask for credentials. >> Is this a security leak , or is my configuration missing a keyword ? >> >> -- >> Dag, >> Jan >> > >
