Passing security context data between multiple security checks

Question

Passing security context data between multiple security checks

Is there a way to transfer protected data (user data) between two or more security checks in the IBM MobileFirst Platform 8.0 Java adapter

Basically, I need an adapter resource that will be called, and will give an answer that is either logged in or the user. If the user is logged in, I need to get user-specific data, in other words, I need to get general information from the database. For example, contact information will be shared if the user is not registered, but is specific to the user's location if he / she is registered (the user's location will be retrieved from the internal server based on authentication data). Therefore, if I keep my adapter safe, then the adapter will cause a 401 error if it does not log in, and if I keep my adapter unprotected, then I will not be able to get user information when the user logs in.

+4

java authentication oauth ibm-mobilefirst

Harsh Mar 20 '17 at 18:45

source share

2 answers

, , . , .

, API getAuthenticatedUser, .

UserLogin .

+1

Vittal Pai 22 . '17 9:36

Harsh · Accepted Answer · 2017-04-16T14:12:01+0000

OAuth-based security-based security MobileFirst does not offer 1. Access to secure or session-based user information from an unprotected or unprotected resource 2. Ensuring the security and unreliability of the resource at run time

, 1. , () OAuth Enable OAuth , 2. , i) , , Default_Scope MobileFirst, Default_Scope MFP Mobile ii) , , iii) .

, API, . MFP, , , .

Passing security context data between multiple security checks

More articles: