Provide a safe configuration for the REST API by default

deegree / deegree-ogcapi

OGC API implementations based on deegree

GNU Lesser General Public License v2.1

5 stars 5 forks source link

Provide a safe configuration for the REST API by default #70

Open stephanr opened 1 year ago

stephanr commented 1 year ago

The current packaging of the webapp of OGC API does not include protection of REST API.

A first draft was done in https://github.com/deegree/deegree3/pull/1180 to include a way of securing the REST API.

References:

https://github.com/deegree/deegree3/pull/1180

tfr42 commented 1 year ago

The default protection of the REST API shall be done by the ApiKey/Token for the deegree OGC API webapp. A placeholder for protecting the web app with the servlet security mechanism shall be added to the web and documentation.