You're almost there! Please answer a few more questions for access to the Applications content. Complete registration
Interested in joining? Complete your registration by providing Areas of Interest here. Register

Securing a controller in /cc/ folder

Received Response
11
Views
1
Comments
edited Jun 3, 2021 3:36AM in Customer Portal 1 comment

Summary

How can I force a request to the controller to authenticate?

Content

Currently I can create a controller in the /cc/ folder and call it from Postman with no authentication like so:

https://<thesite>--tstx.custhelp.com/cc/opalogging/logMessage

How can I write this controller so that authentication is required? (using HTTP basic authentication header if possible?)

Am I going about this the wrong way?  I need to call out from Oracle Intelligence Advisor (aka OPA) to a controller on Customer Portal, which will then action the POST and do something with the data.  I can't leave an unauthenticated POST endpoint exposed to the internet, for obvious reasons.

Howdy, Stranger!

Log In

To view full details, sign in.

Register

Don't have an account? Click here to get started!