I am trying to implement a custom authorization scheme for an OData2 server which is exposed using the Apache Olingo JPA annotation processor; the authorization involves a basic user:operation pair to restrict query/update/insert/delete operations on the database; the idea is to secure the server layer (Tomcat) via username/password, and then propagating the user id to the OData layer to perform the permission check.
Has anyone implemented something similar? My current approach involves extending the ODataJPAProcessor and making the checks in the relevant methods (readEntity, updateEntity, etc.); however I am not sure if this would be the best way forward.
Any help would be greatly appreciated.
Regards, -Eduardo.
