Recently I run into very interesting problem which I thought would take me just a couple of minutes to solve: protecting Apache CXF (current release 3.0.1)/ JAX-RS REST services with Spring Security (current stable version 3.2.5) in the application running inside embedded Jetty container (current release 9.2). At the end, it turns out to be very easy, once you understand how things work together and known subtle intrinsic details. This blog post will try to reveal that.
I thought I’d write up a little tutorial to help folks who are new to the concept get started. Hope it’s useful!
So I decided to give it a try by building ChessHub.io with a completely new technology stack and way of thinking:
- Moving from SQL to NoSQL
- Moving from multi-threaded Java servers to the single threaded NodeJS
- Moving from classic MVC + Ajax to real time with ExpressJS and Socket IO
- Moving from synchronous processing to an asynchronous model
If you want to quickly test your REST api from the command line, you can use curl. In this post I will present how to execute GET, POST, PUT, HEAD, DELETE HTTP Requests against a REST API. For the purpose of this blog post I will be using the REST api that supports www.bookmarks.dev. The API is documented with OpenAPI and available for testing in the browser at https://www.bookmarks.dev/api/docs/.
Basic time notions