0 Replies Latest reply on Apr 12, 2017 5:25 AM by kgrueneberg

    Skip Basic Auth filter for internal requests

    kgrueneberg

      Our standalone.xml configuration looks like this:

       

      <host name="default-host" alias="localhost">
                          <filter-ref name="central-basic-auth"/>
                      </host>

      <filter name="central-basic-auth" class-name="com.eosuptrade.wildfly.module.customauth.FixedBasicAuthenticationHandler" module="com.eosuptrade.customauth">
                          <param name="username" value="user"/>
                          <param name="password" value="password"/>
                          <param name="realm" value="Protected"/>
                          <param name="skipHttp" value="false"/>
                          <param name="skipHttps" value="false"/>
                      </filter>

       

      We have deployed two war files. The first war file contains a service that uses a RESTeasy client to execute a HTTP request for the second war file deployed. However, since basic auth is enabled, the request is denied, since we are not sending the basic auth information. I do know, that it is possible to include the basic auth when sending the request via RESTeasy client.

       

      Is there a way to skip the basic auth filter for internal requests? So if a service (deployed in a war file on the same WildFly) executes a HTTP call, skip it (since the request came from localhost), else ask for basic auth.

       

      Any help is appreciated.

       

      Thanks in regards,

      Kevin