How to restrict access to some restlet resources


I'm trying to figure out the best way to restrict access to some resources using the Restlet framework. In my case, I have a POJO object:

public class User
{
    private Integer id;
    private String password;
    private boolean enabled;
    private boolean adminPrivileges;
}

So, what I'm trying to do is the following: if the resource requested by the client is under

  • /normal-user, it is requested that the User is authenticated and that he is enabled (i.e. enabled=true)
  • /admin-user, it is requested that the User is authenticated, that he is enabled and has admin privileges (i.e. enabled=true and adminPrivileges=true)
  • otherwise, no authentication is required

What is the best way to accomplish this goal? Note that I don't want to restrict access to some files or directories, but only to specific resources (i.e. instances of ServerResource). Can I achieve it using only Restlet APIs? Or do I have to implement some kind of servlet Filter? I've read something on the Guard class used by Restlet; as far as I understand, it's only used to restrict access to specific directories.

There are 1 best solutions below

Yes, guards are the way with Restlet to apply security on resources. They allow checking the authentication (Verifier) and loading the corresponding roles (Enroler) if the authentication is successful.

Guards are configured when defining your routing in your Restlet application class and must be defined in front of the resources or routers you want to protect...

Hope it helps you. Thierry
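One way to wire the guards described in the answer, as an added example that is not part of the original post or of the Restlet project: a `ChallengeAuthenticator` (authentication) chained to an `Authorizer` (the enabled/admin checks) in front of each protected router. It assumes Restlet 2.1 or later and Java 16+; `GuardedApplication`, `Account`, `Hello`, the `/public` and `/hello` paths and the in-memory `accounts` map (left empty here, to be filled from the real user store) are hypothetical, and the verifier compares the stored password as the question's POJO holds it.

```java
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import org.restlet.Application;
import org.restlet.Request;
import org.restlet.Response;
import org.restlet.Restlet;
import org.restlet.data.ChallengeScheme;
import org.restlet.resource.Get;
import org.restlet.resource.ServerResource;
import org.restlet.routing.Router;
import org.restlet.routing.Template;
import org.restlet.security.Authorizer;
import org.restlet.security.ChallengeAuthenticator;
import org.restlet.security.SecretVerifier;

public class GuardedApplication extends Application {
    // Hypothetical stand-in for the question's User POJO, keyed by login name.
    record Account(char[] password, boolean enabled, boolean adminPrivileges) {}
    private final Map<String, Account> accounts = new ConcurrentHashMap<>();
    public static class Hello extends ServerResource { @Get public String represent() { return "ok"; } }

    @Override public Restlet createInboundRoot() {
        Router root = new Router(getContext());
        root.attach("/public", Hello.class); // no guard in front: anonymous access
        // Starts-with matching so every URI under the prefix passes through the guard.
        root.attach("/normal-user", guard(false)).setMatchingMode(Template.MODE_STARTS_WITH);
        root.attach("/admin-user", guard(true)).setMatchingMode(Template.MODE_STARTS_WITH);
        return root;
    }
    private Restlet guard(final boolean adminOnly) {
        Router protectedRoutes = new Router(getContext());
        protectedRoutes.attach("/hello", Hello.class);
        ChallengeAuthenticator authn = new ChallengeAuthenticator(getContext(), ChallengeScheme.HTTP_BASIC, "example");
        authn.setVerifier(new SecretVerifier() { // missing or wrong credentials -> 401 challenge
            @Override public int verify(String identifier, char[] secret) {
                Account a = accounts.get(identifier);
                return a != null && compare(a.password(), secret) ? RESULT_VALID : RESULT_INVALID;
            }
        });
        Authorizer authz = new Authorizer() { // runs only after authentication succeeded; false -> 403
            @Override protected boolean authorize(Request request, Response response) {
                Account a = accounts.get(request.getClientInfo().getUser().getIdentifier());
                return a != null && a.enabled() && (!adminOnly || a.adminPrivileges());
            }
        };
        authn.setNext(authz);
        authz.setNext(protectedRoutes);
        return authn;
    }
}
```

With an `Enroler` set on the authenticator, the custom `Authorizer` could be replaced by Restlet's `RoleAuthorizer`, which is the Verifier/Enroler split the answer refers to.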