Security, Basic Authorization
You can enable authorization in zero system as following steps:
1. Configuration
In your configuration vertx.yml, you must define lime extend node as following:
Then it means that you must create new up.god.file named vertx-secure.yml instead with following content:
Zero system provide some standard authorization by type ( Now support mongo ).
2. Create new class
Then you can create new class as following:
import io.vertx.core.json.JsonObject;
import io.vertx.ext.auth.mongo.MongoAuth;
import io.vertx.ext.web.handler.AuthHandler;
import io.vertx.up.annotations.Authenticate;
import io.vertx.up.annotations.Wall;
import io.vertx.tp.plugin.mongo.MongoInfix;
import io.vertx.up.secure.component.BasicOstium;
@Wall(value = "mongox", path = "/exp4/*")
public class MongoKeeper {
@Authenticate
public AuthHandler authenticate(final JsonObject config) {
return BasicOstium.create(
MongoAuth.create(MongoInfix.getClient(), config)
);
}
}
This class is annotated with @Wall, if the path is not set, it will be the value /* for all routes, the value
should be configured in vertx-secure.yml.in current example it's mongox. You can define more than one walls for each
routes. Then you must create the AuthHandler method to create the AuthHandler, now you can use BasicOstium to create
basic authorization handler, also this method must be annotated with @Authenticate.
- The method must be annotated with
@Authenticateto mean that this method will provideAuthHandlerfor authenticate. - In this class, you must mot use any Inject Dependency to get instance such as
MongoClient, because this @Wall will be processed in start up phase instead of request phase. - We recommend to use
BasicOstiuminstead of standard vert.xBasicAuthHandlerbecause the classBasicOstiumwill bind to Resource Model instanceEnvelopto provide zero format http response.
3. Example response
Once you set the @Wall, you must send request with Authorization http header or your'll get following response: