Handling security
In Chapter 7, Dealing with Security, we learned to apply security to RESTful endpoints. For instance, we discussed how to set up the HTTP Basic authentication for the booking service. We can expand on the previous section's example and add security handling. The next two sections illustrate how to handle both the Basic and Digest authentications.
The Basic authentication
This authentication scheme requires the Authorization header to contain the username/password pair encoded in Base64. This is easily achieved by modifying the client as follows:
public RemoteBookingServiceClient(String serviceUrl, String username, String password) {
template = new RestTemplate();
String credentials = Base64.getEncoder().encodeToString((username + ":" + password).getBytes());
template.getInterceptors().add((request, body, execution) -> {
request.getHeaders().add("Authorization", "Basic " + credentials);
return execution.execute(request, body);
});
}This new constructor takes...
