Our standalone.xml configuration looks like this:
<host name="default-host" alias="localhost">
<filter-ref name="central-basic-auth"/>
</host>
<filter name="central-basic-auth" class-name="com.eosuptrade.wildfly.module.customauth.FixedBasicAuthenticationHandler" module="com.eosuptrade.customauth">
<param name="username" value="user"/>
<param name="password" value="password"/>
<param name="realm" value="Protected"/>
<param name="skipHttp" value="false"/>
<param name="skipHttps" value="false"/>
</filter>
We have deployed two war files. The first war file contains a service that uses a RESTeasy client to execute a HTTP request for the second war file deployed. However, since basic auth is enabled, the request is denied, since we are not sending the basic auth information. I do know, that it is possible to include the basic auth when sending the request via RESTeasy client.
Is there a way to skip the basic auth filter for internal requests? So if a service (deployed in a war file on the same WildFly) executes a HTTP call, skip it (since the request came from localhost), else ask for basic auth.
Any help is appreciated.
Thanks in regards,
Kevin