18 Jun 2008, 11:33

RESTlet: Selective Guards

Share

When creating RESTful WebServices using the RESTlet API you may wan’t to create a selective Guard, i.e. a password protection for special HTTP methods only. Perhaps you want to allow all GET requests but require authentification for modifying requests like PUT or POST.

In this case you’ll need to extend the Guard class and overwrite the methods authenticate and authorize. An example implementation would look like this:

public class SelectiveGuard extends Guard {
public ModificationGuard(Context context, ChallengeScheme scheme,
String realm) {
super(context, scheme, realm);
}
@Override
public int authenticate(Request request) {
if (!request.getMethod().equals(Method.GET)) {
return super.authenticate(request);
} else {
return 1;
}
}
@Override
public boolean authorize(Request request) {
if (request.getMethod().equals(Method.GET)) {
return true;
} else {
return super.authorize(request);
}
}
}