Enable partial authentication and cookie-based authentication for REST services

We can enable partial authentication for new or existing REST services. Partial authentication enables persistent sessions for shoppers, so that they can be remembered. Partial authentication is enabled by default in the wc-rest-security.xml file, indicated by the partialAuthentication flag. For example:

Where each resource listed as partialAuthentication=true is allowed to consume the partial authentication token or the partial authentication cookie. Default is false. When a service is called, the service URL is matched with the resource patterns, starting with the longest pattern, matching the behavior of the sslConfig nodes in the file.

We can create our own wc-rest-security.xml file in the Rest.war/WEB-INF/config/com.ibm.commerce.rest-ext directory to add an SSL requirement for new or existing REST services.


Procedure