Example Two: Web
In this example you experiment with Unauthenticated and Password authentication using a Web application.
The following steps involve code in a class named SecurityTutorial.AuthenticationExample. The instructions for creating this class are here: Code for Authentication Example. Create the class definition in the USER namespace.
Now configure the Web application:
Open the Web Applications page of the portal (click [Home] > [System Administration] > [Security] > [Web Applications]).
Click Edit for the /csp/user application.
Verify that Web File is enabed.
For Allowed Authentication Methods click Unauthenticated. Verify that no other authentication mechanism is selected. Click Save.
For Dispatch Class enter SecurityTutorial.AuthenticationExample.
Next, open your favorite REST client. This example uses the Postman browser plug-in.
Create a GET request and specify that we are not using authentication.
The URL looks like this
Note that the port number displayed here, 52773, is the default InterSystems IRIS web server port. The port for your instance may be different.
Since we selected Unauthenticated for the authentication mechanism, we access the application through the UnknownUser account. An initial security setting of Minimal grants the UnknownUser the %ALL role.
There are a number of free REST clients available both as stand alone applications and browser plug-ins.