ga4gh-beacon / beacon-elixir

Elixir Beacon Reference Implementation. Latest release is compliant with v1.1.0 of the specification.
https://beacon-project.io/

Instructions for Authentication and running on localhost only #29

Open amanjeev opened 4 years ago

amanjeev commented 4 years ago

I am sorry if this is covered elsewhere but I could not find it. I need help with two things -

  1. How to enable authentication or link with existing auth service?
  2. How to not expose the server and instead make it accessible only via localhost.

If 2. can be achieved, I can hide the service behind an auth proxy and then 1. is not needed.

Thank you.

amanjeev commented 4 years ago

Hi, I am trying to use this sample beacon with our current AAI infrastructure. However, if I pass any Authorization header to the app (post login) I get the error

```json
{
  "header" : {
    "apiVersion" : "v1.1.0",
    "code" : "401",
    "service" : "elixirbeacon",
    "developerMessage" : "org.ega_archive.elixircore.exception.UnauthorizedException: Token is not valid or user is not authorized to access this dataset",
    "userMessage" : "Token is not valid or user is not authorized to access this dataset",
    "errorCode" : "401",
    "docLink" : "https://ega.crg.eu",
    "errorStack" : ""
  },
  "response" : null
}
```

This seems like there is some setting somewhere that I need to configure so it accepts the tokens. Is there any documentation for this?

sdelatorrep commented 4 years ago

Hi! Have you checked the log? This message is printed in this line and more information about the error should be logged. Also, keep in mind that you will need to adapt your Beacon code to the format of the permissions provided by your AAI system. For example, this implementation connects to the Elixir AAI to verify the token and request the user information (find the endpoint here), which contains the dataset permissions. I'm pretty sure your AAI implementation will expose different information or have a different format, so you have to change the code in function findAuthorizedDatasets (here).
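To illustrate the adaptation step described above (the Beacon's "find authorized datasets" logic depending on the AAI's permission format), here is an added Python example that is not part of beacon-elixir, which is a Java project. The two userinfo payloads, the claim names `dataset_permissions` and `roles`, and the `dataset:<id>:read` role convention are constructed for the example and are not the real Elixir AAI schema; the point is that the extractor is the only piece that changes per AAI, while the fail-closed intersection with the requested datasets stays the same.

```python
"""Added example: the dataset-authorization step of a Beacon, parameterised by
an AAI-specific extractor. Claim names and payloads are constructed, not the
real Elixir AAI userinfo format."""
import time
from typing import Callable, Iterable, Optional

# Constructed userinfo payload in a hypothetical "Elixir-style" shape:
# per-dataset grants with an expiry (Unix seconds).
ELIXIR_STYLE_USERINFO = {
    "sub": "user@example.org",
    "dataset_permissions": [
        {"dataset": "EGAD00000000001", "expires": 4102444800},  # valid
        {"dataset": "EGAD00000000002", "expires": 946684800},   # expired in 2000
    ],
}
# Constructed payload for a different, role-based AAI (the "your AAI" case).
LOCAL_STYLE_USERINFO = {
    "user_id": "u42",
    "roles": ["dataset:ds-a:read", "dataset:ds-b:read", "admin"],
}

def elixir_style_permissions(info: dict, now: float) -> set:
    """Extract unexpired dataset ids; malformed entries are skipped, not trusted."""
    granted = set()
    for entry in info.get("dataset_permissions", []):
        if not isinstance(entry, dict):
            continue
        ds, exp = entry.get("dataset"), entry.get("expires")
        if isinstance(ds, str) and isinstance(exp, (int, float)) and exp > now:
            granted.add(ds)
    return granted

def local_style_permissions(info: dict, now: float) -> set:
    """Extract dataset ids from role strings of the form dataset:<id>:read."""
    granted = set()
    for role in info.get("roles", []):
        parts = role.split(":") if isinstance(role, str) else []
        if len(parts) == 3 and parts[0] == "dataset" and parts[2] == "read":
            granted.add(parts[1])
    return granted

def find_authorized_datasets(userinfo, requested: Iterable[str],
                             extractor: Callable[[dict, float], set],
                             now: Optional[float] = None) -> set:
    """Fail closed: only datasets positively granted by the AAI are returned."""
    if now is None:
        now = time.time()
    if not isinstance(userinfo, dict):
        return set()
    try:
        granted = extractor(userinfo, now)
    except (AttributeError, TypeError, ValueError):
        return set()
    return set(requested) & granted
```

An empty result is what should map to the 401 body shown in the issue; the requested set is intersected with the grants so a dataset the AAI never mentioned is never returned.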