-
Notifications
You must be signed in to change notification settings - Fork 4
Security
davidjgrvs edited this page Feb 20, 2018
·
2 revisions
The API utilizes Spring Security to protect the endpoints, and requires a user be authenticated to access those endpoints. The configuration can be modified to require specific roles to access specific endpoints. We have not implemented the authentication process, because that is a part of the Janus app as a whole and needs to be configured outside the Bam component. For testing purposes, there is a boolean value called testing which when true will not protect the endpoints, will not enable csrf protection and will not enable headers. When testing is set to false, it will enable csrf protection and headers and will also protect the endpoints.