You are not logged in.
- Topics: Active | Unanswered
Pages: 1
#1 2022-08-17 20:31:07
- dcoun
- Member
- From: Crete, Greece
- Registered: 2020-02-18
- Posts: 392
JWT authentication for selected interfaces
Is it possible in a TRestServer to have 2 interfaces and to enable JWT checking only for the one interface?
I can set the JwtForUnauthenticatedRequest in a Trestserver.
Using TServiceFactoryServerAbstract as returned by TRestServer.ServiceDefine has a lot of function for classic authentication but not for JWT
Also, an other question. How can I disable access to an interface from a http client if websocket connected is not upgraded and used?
Thank you in advance
Offline
#2 2022-08-18 06:43:01
Re: JWT authentication for selected interfaces
My guess is that you can just set the OnBeforeBody even of the HTTP server itself, and validate the input.
In this very same OnBeforeBody, you can:
- Require a JWT in the BearerToken parameter for some URIs (therefore, some interface)
- Deny any access on some other interface URIs for regular requests - once upgraded to WebSockets, OnBeforeBody is not called.
But the URI verification has to be done manually.
Offline
#3 2022-08-18 07:18:49
- dcoun
- Member
- From: Crete, Greece
- Registered: 2020-02-18
- Posts: 392
Re: JWT authentication for selected interfaces
Thanks a lot @ab
Offline
Pages: 1