Web Bridge
The SeedStack Web bridge is an API that enables to quickly integrate your Web frontend to your SeedStack backend.
Dependency
You can add it with the following dependency:
Maven
Gradle<dependency>
<groupId>org.seedstack.addons.web</groupId>
<artifactId>web-bridge</artifactId>
</dependency>dependencies {
compile("org.seedstack.addons.web:web-bridge:1.0.4")
}Usage
Security
Authentication resource
The authentication resource is available at /web-bridge/security/authentication and supports:
GET. Checks that a subject is authenticated. If true, returns a204(no content). If not, returns a403(unauthorized).POST. Checks that a subject is authenticated. If true, returns a302(found) with a redirection location to the authorization resource. If not, returns a403(unauthorized).DELETE. Logs the subject out.
This resource is meant to be used in conjunction with authentication security filters like authcBasic or authc to
trigger user authentication. Learn more about security filters in the web security documentation.
Authorization resource
The authorization resource is available at /web-bridge/security/authorizations and supports:
GET. Checks that a subject is authenticated. If true, returns a JSON representation of the subject and its authorizations. If not, returns a403(unauthorized).
Example of subject representation:
{
"id": "userId",
"type": "user",
"principals": {
"userId": "userId",
"locale": "fr-FR"
},
"roles": [{
"name": "manager",
"attributes": {
"scope": ["FR", "UK"]
},
"permissions": [
["products", "*"],
["categories", "*"]
]
}, {
"name": "admin",
"attributes": {},
"permissions": [
["users", "*"]
]
}],
"permissions": []
}
A few things to note:
- All string-based subject principals are provided under the
principalssection. - Roles can have attributes attached to them, which can be used as a way of limiting their scope.
- Permissions are often given through roles but can also be affected individually to subjects.
Refer to the security documentation to learn more about roles and permissions.