on 02-25-2017 7:07 AM
I created a custom extension out of Ycommercewebservices template using ant extgen. I then created a controller in v2 to expose a rest service. the root url is like /{baseSiteId}/xyz/abc. When I access the rest service from different application or SoapUI or Postman, it works without needing OAuth. It also allows me to use OotB /{baseSiteId}/catalogs and other apis. However, when I invoke, /authorizationserver/oauth/token, it returns me a token. How do use this token when the services are accessible without needing the token? and how do I force OAuth on the apis?
My Use case is to provide a Authorization mechanism for every Rest request received by hybris. The concept of OAuth in hybris is confusing. Whether it is used for Authorization alone or Authorization + Authentication?
Thanks in advance!
Hi AK,
You must be using some b2b reciepe. Which is not applied by secureportal addon. with that you dont require any token. Because your store and carts can be created using anonomous accounts. But once you apply secureportaladdon. Only authenticated users can access the application. That time token is required to perform operations.
Once you apply secureportal addon. You must follow the process of authentication. If you want the customer specific token then that can be achieved. For more info do check below url. https://help.hybris.com/6.5.0/hcd/627c92db29ce4fce8b01ffbe478a8b3b.html
First create oauth information. Login the oauth authentication with oauth and user credentials. then that authenticated user can perform actions like add to cart, update cart, checkout etc....
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I think your method didnt have the Secured annotation ?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
7 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.