Elide security layer implementation

[The-Zombie-Horde]

I am using elide to expose the entity something like /book/{id}. We have 2 way ssl implemented. How to integrate elide security layer so that elide security permissions tags can be used. We have 2 way ssl handshake using x.509 certificate.

[aklish]

Assuming you are using the JAX-RS servlet to expose Elide, you would write a JAX-RS ContainerRequestFilter which extracts the CN from your X509 cert and maps that to a SecurityContext.

You do that in a method like:

    public void filter(ContainerRequestContext containerRequestContext) throws IOException {
         SecurityContext originalSecurityContext = containerRequestContext.getSecurityContext();
         containerRequestContext.setSecurityContext(new SecurityContext() {

         ...

Make sure you are using the latest version of Elide (which passes the User object as the SecurityContext by default). Otherwise there is an extra step.

[The-Zombie-Horde]

I was looking at your documentation of elide framework and they are old and hence wanted to confirm with you.

Once user is extracted from above step, do we have to use com.yahoo.elide.resources.JsonApiEndpoint to pass user to Entity layer in order to use security permission tags?

[aklish]

You don't have to use the provided JAX-RS endpoints - but you would need to create something equivalent to them.

I've hopefully addressed the documentation issue here:

yahoo/elide-doc#77

[The-Zombie-Horde]

Thanks a million! Let me take a look and get back to you if any issue.
@Autowired
EntityManagerFactory emf;

Does Elide support Jpa or it requires emf.unwrap(SessionFactory.class); ?

[aklish]

I'm not totally following the question although there is another pull request for a proper Jpa DataStore that's in review:

#747

[aklish]

Closing this issue since the documentation has been merged.