2

I am unable to find a REST webservice way to Authenticate (Login) and know his roles (authorization). Although, Openbravo wiki says there is a way to login, but doesnt provide any other detail about its URL etc. Can anyone help in this regard? Thanks

EDIT
I have also posted this question on Openbravo forum. Hope this will benefits others.

sufyan.shoaib
  • 1,117
  • 9
  • 19

2 Answers2

1

The REST Webservice provides two methods for logging in:

  • login with login/password passed as request parameters (the parameters names are resp. l and p)
  • basic http authentication

If you use the first option and make a get request, the parameters are added to the url like:

http://server/openbravo/ws/dal/Country?l=user&p=password

If you make a post request the parameters are sent as the body of the request. Here is how to in java.

To use the basic http authentication you have to set the Authorization header and set the credentials as a string "user:password". Here is how.

Community
  • 1
  • 1
Ricardo Gamboa
  • 104
  • 4
  • So, can I make an anonymous webservice call or should I create a special username and password to be passed to the parameters? – aristo_sh Mar 22 '22 at 15:28
0

Basically openbravo comes with two different kind of authentication by default.

  1. DefaultAuthenticationManager
  2. AutoLogonAuthenticationManager

Both classes extends AuthenticationManager which is an abstract class. So that means Openbravo provides expandability here for custom Authentication manager.

As for as web service authentication , there is a method called webServiceAuthenticate inside AuthenticationManager which does the authentication for the REST Web services. You can check the documentation here

Gopinagh.R
  • 4,826
  • 4
  • 44
  • 60
Velu
  • 1,681
  • 1
  • 22
  • 26
  • Thanks for the reply Vel. webServiceAuthenticate is for non Rest web services as it says "This one is intended for authentications for non standard REST web services (such as SOAP)" on the same doc page. i am concerned about REST based authentication. – sufyan.shoaib Apr 23 '13 at 10:05