Putting standard CSP login in front of a web application with a REST dispatch class
Has anybody ever enabled the standard CSP login page for a web application with REST dispatch class? Any ideas how to do this?
(Context: I'm using %CSP.REST with other stuff behind it, not actually a REST API.)
Product version: IRIS 2022.1
$ZV: IRIS for Windows (x86-64) 2022.1.1 (Build 374U) Tue Oct 18 2022 17:39:18 EDT
I'm not sure you can do that, but is there any reason you can't define it as two web applications, one with the dispatch class and one without?
Any reasons for doing this? This is not how it is supposed to be. REST should answer with Status 401, and optionally with methods available. And web application when gets 401, it knows that it has to authorize the user, and shows its own page or initiates SSO, depending on the task.
Anyway, if really do this way, It looks like %CSP.REST extends %CSP.Login, and it has Method Login
Did not test it, but I would expect it will do what requested
@Dmitry Maslennikov it's not actually a REST service, I just want a web application where I have full control over behavior of URLs under the application root in ObjectScript. %CSP.REST is the easiest (maybe only?) way to do that.
I ended up implementing Login as follows (which at least mostly works):
Yeah, actually, in several projects I've used %CSP.REST to process the whole application. Static web files and REST itself. And the main cause to do so is that the internal webserver did not accept index.html as default index. So, it required to putting it manually to the URL, or using %CSP.REST, which work with static files, and correctly processes index.html. And it requires just one Web Application configured. But in case, when an application is partly anonymous, requires more attention to security.