Change Basic authentication to OAuth

The default authentication scheme after you install Transact is Basic authentication. With Basic authentication, users can access APIs using the same user name and password that they use to log in to Transact; no additional credentials are required.

OAuth requires creating separate credentials to access REST APIs. These credentials can be created in the Transact Administration console under System Administration > OAuth Client Management. To support credentials and authorization using OAuth, Transact is delivered with the OAuth Server application, which is installed alongside the Transact application.

The following topics show the exact changes required to enable OAuth. These changes apply to both Windows and Linux installations.

With standard installation (without SSO)

Make the following changes if Transact is installed with the standard installation (without SSO).

  1. Update the <Transact_Install_Dir>\Application\WEB-INF\web.xml file as follows:
    1. Uncomment the springSecurityFilterChain filter by removing the opening <!-- and closing --> tags:

      <!-- Comment to enable basic auth for REST APIs -->
      <filter>
          <filter-name>springSecurityFilterChain</filter-name>
          <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
      </filter>
      <filter-mapping>
          <filter-name>springSecurityFilterChain</filter-name>
          <url-pattern>/*</url-pattern>
      </filter-mapping>
      

    2. Comment out the security-constraint section for web services by adding the <!-- and --> tags around it:

      <!-- Uncomment to enable basic auth for REST APIs -->
      <!--
      <security-constraint>
          <web-resource-collection>
              <web-resource-name>web service</web-resource-name>
              <url-pattern>/rest/*</url-pattern>
              <http-method>GET</http-method>
              <http-method>POST</http-method>
              <http-method>PATCH</http-method>
              <http-method>PUT</http-method>
              <http-method>DELETE</http-method>
          </web-resource-collection>
          <auth-constraint>
              <role-name>*</role-name>
          </auth-constraint>
      </security-constraint>
      -->

  2. In the <Transact_Install_Dir>\Application\applicationContext.xml file, uncomment the applicationContext-oauth-security.xml import.

    <!-- Uncomment to Use OAuth for the rest apis -->
    <import resource="classpath:/META-INF/applicationContext-oauth-security.xml" />
    

With SSO installation

When Transact is configured with SSO, make the following changes.

  1. In the <Transact_Install_Dir>\Application\WEB-INF\classes\META-INF\applicationContext-security.xml file, comment out the /rest/** pattern.

    <!-- Comment line below when using oauth for the rest apis -->
    <!-- <security:http pattern="/rest/**" security="none" /> -->
    

  2. In the <Transact_Install_Dir>\Application\applicationContext.xml file, uncomment the applicationContext-oauth-security.xml import.

    <!-- Uncomment to Use OAuth for the rest apis -->
    <import resource="classpath:/META-INF/applicationContext-oauth-security.xml" />
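The edits in both procedures above can be verified before restarting Transact. The following is an added example, not part of the product or its documentation: it parses the XML and reports which sections are actually active, so a half-applied change is caught. The function names and the sample XML strings are assumptions constructed for illustration; in practice, pass in the contents of the real files.

```python
import xml.etree.ElementTree as ET

CHAIN = "springSecurityFilterChain"
OAUTH_IMPORT = "applicationContext-oauth-security.xml"

def _active(xml_text, name):
    # ElementTree discards XML comments, so commented-out sections never
    # appear here; namespace prefixes are stripped before comparing names.
    root = ET.fromstring(xml_text)
    return [e for e in root.iter() if e.tag.rsplit("}", 1)[-1] == name]

def _texts(elem, name):
    return {(c.text or "").strip() for c in elem.iter() if c.tag.rsplit("}", 1)[-1] == name}

def check_web_xml(xml_text):
    declared = set().union(*[_texts(f, "filter-name") for f in _active(xml_text, "filter")])
    mapped = set().union(*[_texts(m, "filter-name") for m in _active(xml_text, "filter-mapping")])
    basic = any("/rest/*" in _texts(c, "url-pattern") for c in _active(xml_text, "security-constraint"))
    return {"oauth_filter_active": CHAIN in declared and CHAIN in mapped,
            "basic_rest_constraint_active": basic}

def oauth_import_active(xml_text):
    return any(i.get("resource", "").strip().endswith(OAUTH_IMPORT) for i in _active(xml_text, "import"))

def rest_bypasses_security(xml_text):
    # SSO installs: True while <security:http pattern="/rest/**" security="none"/> is still active.
    return any(h.get("pattern") == "/rest/**" and h.get("security") == "none"
               for h in _active(xml_text, "http"))

# Constructed sample files (not taken from a real installation).
WEB_XML_DEFAULT = """<web-app>
  <!-- <filter><filter-name>springSecurityFilterChain</filter-name></filter>
  <filter-mapping><filter-name>springSecurityFilterChain</filter-name><url-pattern>/*</url-pattern></filter-mapping> -->
  <security-constraint><web-resource-collection><url-pattern>/rest/*</url-pattern></web-resource-collection></security-constraint>
</web-app>"""
WEB_XML_OAUTH = """<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee">
  <filter><filter-name>springSecurityFilterChain</filter-name></filter>
  <filter-mapping><filter-name>springSecurityFilterChain</filter-name><url-pattern>/*</url-pattern></filter-mapping>
  <!-- <security-constraint><web-resource-collection><url-pattern>/rest/*</url-pattern></web-resource-collection></security-constraint> -->
</web-app>"""
APP_CTX_DEFAULT = '<beans><!-- <import resource="classpath:/META-INF/applicationContext-oauth-security.xml"/> --></beans>'
APP_CTX_OAUTH = '<beans><import resource="classpath:/META-INF/applicationContext-oauth-security.xml"/></beans>'
SSO_DEFAULT = ('<beans xmlns:security="http://www.springframework.org/schema/security">'
               '<security:http pattern="/rest/**" security="none"/></beans>')

if __name__ == "__main__":
    print(check_web_xml(WEB_XML_OAUTH), oauth_import_active(APP_CTX_OAUTH), rest_bypasses_security(SSO_DEFAULT))
```

For a standard installation the expected state is oauth_filter_active true, basic_rest_constraint_active false, and oauth_import_active true; for an SSO installation, rest_bypasses_security should be false and oauth_import_active true.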