Example Two: Web
In this example you experiment with Unauthenticated and Password authentication using a Web application.
The following steps involve code in a class named SecurityTutorial.AuthenticationExample. The instructions for creating this class are here: Code for Authentication Example. Create the class definition in the USER namespace.
Now configure the Web application:
-
Open the Web Applications page of the portal (click [Home] > [System Administration] > [Security] > [Web Applications]).
-
Click Edit for the /csp/user application.
-
Verify that Web File is enabed.
-
For Allowed Authentication Methods click Unauthenticated. Verify that no other authentication mechanism is selected. Click Save.
-
For Dispatch Class enter SecurityTutorial.AuthenticationExample.
-
Click Save.
Next, open your favorite REST client. This example uses the Postman browser plug-in.
-
Create a GET request and specify that we are not using authentication.
The URL looks like this
http://localhost:52773/csp/user/authenticationEx
Note that the port number displayed here, 52773, is the default InterSystems IRIS web server port. The port for your instance may be different.
-
Click Send
-
Since we selected Unauthenticated for the authentication mechanism, we access the application through the UnknownUser account. An initial security setting of Minimal grants the UnknownUser the %ALL role.
There are a number of free REST clients available both as stand alone applications and browser plug-ins.