Is there a way to disable access to the REST interface on a specific OneClick?
We have a set of OneClick servers that are dedicated to REST access. People are supposed to use those for submitting their REST queries. However, our community has discovered that all OneClicks support these calls, so we are seeing them submit their REST queries against our OneClick servers that are supposed to be for general user access (WebClient/OneClick). I suspect we also have some that are hitting our SRM servers as well. I would like to be able to disable REST on the WebClient/OneClick/SRM servers or limit the accounts that can submit REST calls on those systems.
Is there a way to restrict access on specific servers?
I would simply disable REST on those servers entirely:
To disable the RESTful url you can delete the
It would also be a good idea to modify the web.xml to remove the servlet definitions
<servlet-name>RESTful Web Services registration servlet</servlet-name>
RESTfulWebServices@RESTFULWEBSERVICES@RESTful Web Services@off;
Hope that helps. I am not aware of anyway to restrict it other than disable it.
Though there may be a way to do it.
Thank you. This is perfect. For our situation, we would want to disable the REST on those systems where we want to restrict it's usage. This fits our need perfectly.
It was after I started chatting with Roger that I realized why you guys had asked…makes sense!
Happy Holidays Bill!