...
In a customer project, additional mappings need to be added and this can be achieved by implementing the com.cdrator.selfcare.model.security.ownershipcontrol.AccessByOwnershipConfigurationBuilder (respectively com.cdrator.selfcare.model.security.ownershipcontrol.RestrictForOwnershipConfigurationBuilder) interface(s) and using the ServiceLoader feature to load the implementation(s).
CORS
In order to be able to access both the AUTH app and REST app from Javascript clients, CORS parameters need to be configured. Below there is an example of how that can be done:
| Code Block | ||
|---|---|---|
| ||
rest.auth.provider.strategy.append=true
rest.auth.cors.allowed-origins=*
rest.auth.cors.allowed-methods=GET, PUT, POST, DELETE, OPTIONS
rest.auth.cors.allowed-headers=*
rest.auth.cors.exposed-headers=
rest.auth.cors.max-age=3600
rest.api.cors.allowed-origins=*
rest.api.cors.allowed-methods=GET, PUT, POST, DELETE, OPTIONS
rest.api.cors.allowed-headers=Origin, X-Requested-With, Content-Type, Accept, Authorization
rest.api.cors.exposed-headers=
rest.api.cors.max-age=3600
|