User connectivityOAuth authentication methodChange OAuth to Basic authentication

Change OAuth to Basic authentication

When you enable Basic authentication, the OAuth server still runs in the background, but it is not being used. In this case requests are not sent to the OAuth server during REST API calls.

With Basic authentication, system users can still create OAuth clients but they cannot use these clients for authentication and authorization for the REST APIs.

With standard installation (without SSO)

Make the following changes if Transact is installed with the standard installation (without SSO.)

  1. Update the <Transact_Install_Dir>\Application\WEB-INF\web.xml file as follows:
    1. Comment the springSecurityFilterChain filter by adding the opening <!-- and closing --> tags: 

      <!-- Comment to enable basic auth for REST APIs  -->
<!-- <filter>
        <filter-name>springSecurityFilterChain</filter-name>
        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    </filter>
    <filter-mapping>
        <filter-name>springSecurityFilterChain</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>
-->

    2. Uncomment security-constraint for web services by removing the <!-- and --> tags around the section: 

      <!-- Uncomment to enable basic auth for REST APIs -->

<security-constraint>
        <web-resource-collection>
            <web-resource-name>web service</web-resource-name>
            <url-pattern>/rest/*</url-pattern>
            <http-method>GET</http-method>
            <http-method>POST</http-method>
            <http-method>PATCH</http-method>
            <http-method>PUT</http-method>
            <http-method>DELETE</http-method>
        </web-resource-collection>
        <auth-constraint>
            <role-name>*</role-name>
        </auth-constraint>
    </security-constraint>

  2. In the <Transact_Install_Dir>\Application\applicationContext.xml file, comment the applicationContext-oauth-security.xml import. 

    <!-- Uncomment to Use OAuth for the rest apis -->
<!-- <import resource="classpath:/META-INF/applicationContext-oauth-security.xml " /> -->

With SSO installation

When Transact is configured with SSO, make the following changes.

  1. In the <Transact_Install_Dir>\Application\WEB-INF\classes\META-INF\applicationContext-security.xml file, update applicationContext-security.xml by uncommenting the /rest/** pattern. 

    <!-- Comment line below when using oauth for the rest apis -->
<security:http pattern="/rest/**" security="none" />

  2. In the <Transact_Install_Dir>\Application\applicationContext.xml file, update applicationContext.xml by commenting the applicationContext-oauth-security.xml import. 

    <!-- Uncomment to Use OAuth for the rest apis -->
<!-- <import resource="classpath:/META-INF/applicationContext-oauth-security.xml" /> -->