Basic Authentication

Basic authentication uses Spring Security’s HTTP Basic mechanism with a custom provider that validates credentials against the ASEE Flow engine’s Identity Service. It is the default mode.

Dependency

<dependency>
  <groupId>org.springframework.boot</groupId>
  <artifactId>spring-boot-starter-security</artifactId>
</dependency>

This dependency is provided in the starter, so include it explicitly.

Configuration

aseeflow:
  webadmin:
    authentication: basic

How it works

The browser prompts for a username and password with the standard HTTP Basic dialog. Credentials are validated against the engine’s IdentityService. By default both the WebAdmin UI and the REST API (/engine-rest/**) require authentication; unauthenticated REST requests receive 401 Unauthorized. Set disable-rest-security: true to require authentication for the UI only. On logout, the user is redirected to /webadmin/logoutRedirect and then back to /webadmin/, where the browser prompts for credentials again.

When to use it

Basic authentication suits development and testing, internal applications with simple needs, and API clients or automated tools.

Properties

Property	Type	Default	Description
`aseeflow.webadmin.authentication`	String	`basic`	Set to `basic` to enable this mode.
`aseeflow.webadmin.disable-rest-security`	Boolean	`false`	When `true`, REST endpoints are reachable without authentication.

​Dependency

​Configuration

​How it works

​When to use it

​Properties

Dependency

Configuration

How it works

When to use it

Properties