SoftInstigate / restheart

Rapid API Development with MongoDB
https://restheart.org
GNU Affero General Public License v3.0

Authentication based on DbIdentityManager - getting 401 Unauthorized #215

Closed kshraval closed 7 years ago

kshraval commented 7 years ago

I want to configure authentication based on DbIdentityManager, but I am getting 401 Unauthorized. Please let me know what I am doing wrong. Steps I have followed so far:

In MongoDB:

  1. Created database `userbase`. Created collection `_accounts`.
  2. Created 2 documents like: `{"_id" : "consumer1","password" : "changeit","roles" : "[users]"}`

In restheart.yml:

  1. Under `idm` commented out SimpleFileIdentityManager.

  2. Created this entry:

    idm:
        implementation-class: org.restheart.security.impl.DbIdentityManager
        conf-file: ./etc/security.yml

  3. Mongo mount is like below:

    mongo-mounts:
        - what: "/mydb"
          where: /mydb

In security.yml:

  1. The `dbim` section:

    dbim:
        - db: userbase
          coll: _accounts
          prop-name-id: _id
          prop-name-password: password
          prop-name-roles: roles
          bcrypt-hashed-password: false
          create-user: false
          create-user-document: '{"_id": "admin", "password": "secret", "roles": ["admins"]}'
          cache-enabled: false
          cache-size: 1000
          cache-ttl: 60000
          cache-expire-policy: AFTER_WRITE

  2. I want users to just GET and admins can perform all actions:

    # Users can GET from /mydb/mycol
    - role: users
      predicate: path-prefix[path="/mycol"] and method[value="GET"]
    # Admins can perform any action on /mydb/mycol
    - role: admins
      predicate: path-prefix[path="/mycol"]

Testing from Postman:

  1. GET localhost:8080/mydb/mycol

  2. Authorization Type: Basic Auth, Username: consumer1, Password: changeit

Here I am getting error 401 Unauthorized. What am I doing wrong? My feeling is it could be something trivial, but I am not able to see it. Kindly review and help.

Thanks,
Kshitij

ujibang commented 7 years ago

The roles property of your user document is wrong: "[user]" should be ["user"].

kshraval commented 7 years ago

Thanks a lot. Worked.
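The root cause in this thread is a user document whose `roles` field is the string `"[users]"` instead of the JSON array `["users"]`, so no access-manager predicate ever matches and every request ends in 401. Mistakes like that are cheap to catch before they reach production by validating the `_accounts` documents against the `dbim` settings from security.yml. The checker below is an added example written for this page; it is not RESTHeart code and uses no RESTHeart API. It works on plain Python dicts (constructed sample documents modelled on the question are embedded, so it runs offline), reads the `prop-name-*` and `bcrypt-hashed-password` keys exactly as they appear in the question's `dbim` block, and reports documents whose id, password or roles would not work as a DbIdentityManager account. The bcrypt format check is an assumption about how hashed passwords look, not something the page states.

```python
import re

# Constructed sample _accounts documents, modelled on the question above.
# consumer1 reproduces the reported mistake (roles is the string "[users]"),
# consumer2 is the corrected form, admin and nopass show other defects.
SAMPLE_ACCOUNTS = [
    {"_id": "consumer1", "password": "changeit", "roles": "[users]"},
    {"_id": "consumer2", "password": "changeit", "roles": ["users"]},
    {"_id": "admin", "password": "secret", "roles": ["admins", 42]},
    {"_id": "nopass", "roles": ["users"]},
]

# Mirrors the relevant keys of the dbim section in the question's security.yml.
DBIM_CONF = {
    "prop-name-id": "_id",
    "prop-name-password": "password",
    "prop-name-roles": "roles",
    "bcrypt-hashed-password": False,
}

# Assumed shape of a bcrypt hash string ($2a$/$2b$/$2y$, cost, 53-char body).
BCRYPT_RE = re.compile(r"^\$2[aby]\$\d{2}\$[./A-Za-z0-9]{53}$")


def check_account(doc, conf):
    """Return a list of problems in one user document; an empty list means ok."""
    problems = []
    id_key = conf["prop-name-id"]
    pw_key = conf["prop-name-password"]
    roles_key = conf["prop-name-roles"]

    uid = doc.get(id_key)
    if not isinstance(uid, str) or not uid:
        problems.append(f"{id_key}: missing or not a non-empty string")

    pw = doc.get(pw_key)
    if not isinstance(pw, str) or not pw:
        problems.append(f"{pw_key}: missing or not a non-empty string")
    elif conf.get("bcrypt-hashed-password") and not BCRYPT_RE.match(pw):
        # With hashing enabled a cleartext value would never verify.
        problems.append(f"{pw_key}: bcrypt-hashed-password is true but value is not a bcrypt hash")

    roles = doc.get(roles_key)
    if isinstance(roles, str):
        # The exact mistake from the question: a string such as "[users]" is
        # not an array, so no role ever matches an access-manager predicate.
        problems.append(f'{roles_key}: is a string {roles!r}; must be a JSON array of strings, e.g. ["users"]')
    elif not isinstance(roles, list) or not roles:
        problems.append(f"{roles_key}: missing or empty; must be a non-empty array of strings")
    elif not all(isinstance(r, str) and r for r in roles):
        problems.append(f"{roles_key}: every element must be a non-empty string, got {roles!r}")
    return problems


def check_accounts(docs, conf):
    """Map each faulty document's id (or index) to its problems."""
    report = {}
    for i, doc in enumerate(docs):
        key = doc.get(conf["prop-name-id"], f"<doc {i}>")
        probs = check_account(doc, conf)
        if probs:
            report[key] = probs
    return report


if __name__ == "__main__":
    for uid, probs in check_accounts(SAMPLE_ACCOUNTS, DBIM_CONF).items():
        for p in probs:
            print(f"{uid}: {p}")
```

Running it against the constructed documents flags `consumer1` (roles is a string), `admin` (a non-string role) and `nopass` (no password) and passes `consumer2`. To run it against a live collection, replace `SAMPLE_ACCOUNTS` with the documents fetched from the `db`/`coll` named in `dbim`. Note that the question's configuration has `bcrypt-hashed-password: false`, so passwords such as `changeit` sit in the database in cleartext; with the flag set to true the checker also insists that every stored password is a bcrypt hash.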