. . . . . . . . . . . . . . 39 Apache Unomi 1.x - Documentation - 1 2.5.16. ElasticSearch authentication and security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . "privileged" event and therefore for not be initiated from the public internet. Ideally user authentication should always be validated by a trusted third- party even if it is a well-known social platform 2.5.7. REST API SECURITY The Apache Unomi Context Server REST API is protected using JAAS authentication and using Basic or Digest HTTP auth. By default, the login/password for the REST API full administrative

PROFILE FROM THE PUBLIC INTERNET ubuntu@ip-10-0-3-252:~/$ ssh -p 8102 karaf@localhost Password authentication Password: __ __ ____ / //_/____ __________ _/ __/ / ,< "privileged" event and therefore for not be initiated from the public internet. Ideally user authentication should always be validated by a trusted third- party even if it is a well-known social platform index. 4.7. REST API SECURITY The Apache Unomi Context Server REST API is protected using JAAS authentication and using Basic or Digest HTTP auth. By default, the login/password for the REST API full administrative

object in addition to the context information as depicted above. • We don’t need to provide any authentication at all to interact with this part of Unomi since we only have access to read-only data (as well as we shall see later on). If we had been using the REST API, we would have needed to provide authentication information as well. CONTEXT REQUEST AND RESPONSE STRUCTURE The interesting part, though, is geonames index. 2.6.4. REST API SECURITY The Context Server REST API is protected using JAAS authentication and using Basic or Digest HTTP auth. By default, the login/password for the REST API full administrative