Database Reference
In-Depth Information
◦
forUriPath()
: This method defines the URL on which this security
needs to be applied or evaluated.
◦
isAuthorized()
: This is the main method that defines the custom lo-
gic for denying or approving the access to the specific URI requested by
the user. For example, we have allowed only
GET
requests and denied ac-
cess to all other types of HTTP requests.
4. Open your console, browse the root directory of your project, that is,
Spring-
Neo4j
, and execute the following Maven command:
$M2_HOME/bin/mvn clean install
5. Now open
<$Spring-Neo4j>/target/
and place the project's JAR file in
the server's classpath or simply copy to
<$NEO4J_HOME>/lib/
.
6. Next, open
<$NEO4J_HOME>/conf/neo4j-server.properties
and
add the following property to configure the security rule:
org.neo4j.server.rest.security_rules=org.neo4j.custom.security.rules.DenyCreateRequestSecurityRule
Note
We can define more than one rule by separating them with a comma (,).
7. Next, start your Neo4j server by executing
<$NEO4J_HOME>/bin/neo4j
start
.
And we are done!!! Our first security rule is deployed and now each time a user
executes an HTTP or REST request, our security rule will be evaluated, and based
on the type of request, access to the server will be denied or approved.
8. Next, execute any REST request from SoapUI and the security rule will deny ac-
cess to the application or Neo4j server for all other types of requests except GET.
9. Open SoapUI or any other tool for executing a GET REST request with the fol-
lowing configurations:
◦ Request method type:
GET
◦ Request URL:
https://localhost:7473/db/data/
or
ht-
tp://localhost:7474/db/data/
◦ Request headers:
Accept: application/json; char-
set=UTF-8
and
Content-Type: application/json
Execute the REST request and you will see results as a JSON response, as shown
in the following screenshot:
