You're almost there! Please answer a few more questions for access to the Applications content. Complete registration
Interested in joining? Complete your registration by providing Areas of Interest here. Register

Securing a controller in /cc/ folder

Received Response
19
Views
1
Comments
edited Jun 7, 2022 1:22PM in General Technical Discussions 1 comment

Summary

How can I force a request to the controller to authenticate?

Content

Currently I can create a controller in the /cc/ folder and call it from Postman with no authentication like so:

https://<thesite>--tstx.custhelp.com/cc/opalogging/logMessage

How can I write this controller so that authentication is required? (using HTTP basic authentication header if possible?)

Am I going about this the wrong way?  I need to call out from Oracle Intelligence Advisor (aka OPA) to a controller on Customer Portal, which will then action the POST and do something with the data.  I can't leave an unauthenticated POST endpoint exposed to the internet, for obvious reasons.

Tagged:

Howdy, Stranger!

Log In

To view full details, sign in.

Register

Don't have an account? Click here to get started!