This bundle provides the ability to define a header to take a user (or 'principal') ID from, and use as an authenticated user throughout the application. This is mainly intended for use in applications that sit behind a reverse proxy that will extract or provide the user information as required. This bundle also registers the RolesAllowedDynamic feature, meaning you can add @RolesAllowed annotations to restrict calls as needed.
It's important that any application that relies on authentication done in this manner is properly secured from malicious requests (for example, by locking down the application to only accept connections from the upstream proxy).
```java
public class SampleService extends Application<SampleConfiguration> {

    public static void main(String[] args) throws Exception {
        new SampleService().run(args);
    }

    @Override
    public void initialize(Bootstrap<SampleConfiguration> bootstrap) {
        // User represents your internal user representation which extends Principal
        // UserService represents your internal user information source which extends PrincipalService
        final HeaderAuthBundle<User, UserService> headerAuthBundle =
                new HeaderAuthBundle<>(User.class, new UserService());
        bootstrap.addBundle(headerAuthBundle);
    }

    @Override
    public void run(SampleConfiguration configuration, Environment environment) { ... }
}
```
Inside your service's configuration yml file, add the header name that should be inspected:
```yaml
authentication:
  headerName: USER_ID
```
And that's it! Any request that is sent to your service will inspect the header USER_ID and use this to return a single user and their roles from your UserService.
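Because the service trusts whatever value arrives in that header, the warning above about only accepting connections from the upstream proxy can also be enforced inside the application as defence in depth. The following is an added example, not code from this project: `TrustedProxyFilter` and the loopback address in the registration comment are hypothetical, and the `javax.*` imports assume a Dropwizard release on the javax namespace (newer releases use `jakarta.*`).

```java
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.container.PreMatching;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import javax.ws.rs.ext.Provider;

// Hypothetical filter (not part of the bundle): rejects any request whose
// socket peer is not a known proxy, before any post-matching filter runs.
// Register in run(), e.g. (address is an assumption for a same-host proxy):
//   environment.jersey().register(
//       new TrustedProxyFilter(Set.of(InetAddress.getLoopbackAddress())));
@Provider
@PreMatching
public class TrustedProxyFilter implements ContainerRequestFilter {

    private final Set<InetAddress> trustedProxies;

    // Jersey injects a per-request proxy for the servlet request.
    @Context
    private HttpServletRequest request;

    public TrustedProxyFilter(Set<InetAddress> trustedProxies) {
        this.trustedProxies = Set.copyOf(trustedProxies);
    }

    @Override
    public void filter(ContainerRequestContext ctx) {
        if (!isTrusted(request.getRemoteAddr())) {
            ctx.abortWith(Response.status(Response.Status.FORBIDDEN).build());
        }
    }

    // Parses the peer as an IP literal (no DNS lookup is made for literals) so
    // different textual forms of one address compare equal. Fails closed.
    boolean isTrusted(String remoteAddr) {
        try {
            return remoteAddr != null
                    && trustedProxies.contains(InetAddress.getByName(remoteAddr));
        } catch (UnknownHostException e) {
            return false;
        }
    }
}
```

This check is only meaningful when `getRemoteAddr()` reflects the real socket peer: if the connector's `useForwardedHeaders` option is enabled, the address is taken from client-controllable `X-Forwarded-*` headers instead. Binding the connector to a private interface or firewalling the port remains the primary control.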