Kauri Documentation
 PreviousHomeNext 
6.13 filterBook Index6.15 jaxRs

6.14 guard

You should use Kauri Security rather than this guard.

'guard' creates a Restlet Guard, which is a special purpose filter.

Name

Description

realm

Realm to send in HTTP Basic and HTTP Digest challenges.

scheme

Authentication scheme to use.

Syntax / Examples

Protect a single resource:

import org.restlet.Guard;
import org.restlet.data.ChallengeScheme;

builder.router {

    def guard = guard(uri:"", scheme:ChallengeScheme.HTTP_BASIC, realm:"Restlet Tutorials");
    guard.secrets.put("scott", "tiger".toCharArray())

    guard.next = template(
          uri: "/",
          match: "equals",
          data: "module:/resources/greeting.json",
          template: "module:/templates/index.xml",
          mediaType: "text/html"
    )
}

Protect multiple resources (a TemplateRestlet at "/" and a DirectoryResource at "/resources")

builder.router {

    def guard = guard(uri:"", scheme:ChallengeScheme.HTTP_BASIC, realm:"Restlet Tutorials");
    guard.secrets.put("scott", "tiger".toCharArray())

    guard.next = router() {
        template( // The home page
          uri: "/",
          match: "equals",
          data: "module:/resources/greeting.json",
          template: "module:/templates/index.xml",
          mediaType: "text/html"
        )

        directory(uri: "/resources", root: "module:/resources/")
    }
}

Avoid hardcoding the secrets (still bad, we still use plaintext passwords)

class PropertiesResolver extends Resolver {
  Properties properties = new Properties()

  def resolve(String name) {
    return properties.getProperty(name)?.toCharArray();
  } 
}

accounts = new Properties()
accounts.load(new FileInputStream("/tmp/accounts"));

builder.router {

    def guard = guard(uri:"", scheme:ChallengeScheme.HTTP_DIGEST, realm:"Restlet Tutorials");
    guard.secretResolver = new PropertiesResolver(properties: accounts);

    guard.next = ...
}
 PreviousHomeNext 
6.13 filter6.15 jaxRs