P
Peter Judge
Guest
This (and the thread at https://community.progress.com/community_groups/openedge_development/f/19/p/28397/95772#95772 which seems to the identical question) have some aspects which aren’t quite clear. If you’re trying to redirect the request to the rest endpoint (ie the REST data) then you should be handling this in the Spring security layer in the Tomcat server. I don’t believe this is possible in OE REST in 11.4 . You’ll have to look further into Spring Security configuration to do this. Once you’ve got the incoming credentials asserted you will need to use the OE-provided bean to convert the spring token into an ABL client-principal token that you can assert/consume in the ABL code. Look for the element named OEClientPrincipalFilter in the oeablSecurity*.xml file. There’s doc on the security config at https://documentation.progress.com/output/ua/OpenEdge_latest/pasoe-admin/web-application-security-configurations.html# . It’s for PASOE but should apply substantially to 11.4.
Continue reading...
Continue reading...