Access Denied API


I’m trying to do the rest api with authentication for a few weeks already but anyways,

I created a method on my controller actionLogin and I am able to access that with no problem but I created another one to test actionTest and it gives me the message please login. Why that message doesn’t show on the actionLogin?

I already added access role to test on my controller behavior but it still didn’t.

I want to be able to access actionTest without prompting for the user to login.

Normally authentication persistence is obtained with cookie.

In the cookie is stored the session id and in the session, on the server side, is stored the user session with all the info.

Using rest api you do not have it since rest client do not use cookie.

Upon authentication you should send back a token identifier (eg the session id) and have the client send it back at each request.

Then on the server side use the token to init the user session before the controller perform the action.

take a read at this

[color="#006400"]/* Moved from "General Discussions" to "REST APIs" */[/color]