Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Resource XML Configuration

Metamug provides role-based authentication and authorization of resources. If the requested resource has auth attribute with a role value for e.g. auth="baz", then the request must send authorization header. If the user fails to send or sends incorrect credentials the server will respond with a 401 message.

...

Code Block
languagesql
linenumberstrue
insert into usr(user_name, pass_word) values("foo", "bar");
insert into usr_role (role_name, user_id) values("baz", 1);


Backend Properties


Queries required for BASIC and BEARER authentication are part of backend properties. They use the default usr and user_role tables. You can access these queries and modify them to use custom tables.

...

These requests are to be sent over SSL to ensure TLS end-to-end encryption. We don't encourage using APIs without HTTPS under suggested auth scheme.

Authorization Header


Metamug generated apis do not accept auth tokens via url parameters or request body.

...

Code Block
languagebash
linenumberstrue
curl -H "Authorization: Basic Zm9vOmJhcg==" http://localhost:7000/movie/v1.0/resource

Token-Based Authentication (JWT)


In this scheme, the app requests a token from the backend as follows using the user credentials (foo,bar).

...