RemoteDB + Basic Authentication Middleware


When connecting TRemoteDBDatabase to a RemoteDB server implementing TBasicAuthMiddleware, the TAuthenticateBasicProc does work, user is identified and TUserIdentity is instantiated like in the documentation, but RemoteDB Client always fails with this error :

RemoteDB request error:

as if authentication was awaited... this exception is raised from TRemoteDBDatabase inner procedure CheckConfig when setting aRemoteDBDatabase.connected := true;

Do those two components cannot work together or am I missing something ?

Can you please check if you have not filled TRemoteDBDatabase.UserName and Password properties? They should not be used if you have added BasicAuthMiddleware.

Thanks for your answer, and sorry for the delay (holidays).

Of course I did not filled UserName and Password fields.
So you're telling me that it must work... maybe default values from the TRemoteDBModule instantiation need to be removed ?

Update : I tried emptying UserName and Password field, and now I don't get 401 anymore. But my identification is completely useless. I had to create a TRemoteDBModuledescendant to handle it (simplified here) :

TOwnRemoteDBModule = class(TRemoteDBModule)
    procedure ProcessRequest(const Context: THttpServerContext); override;

procedure TOwnRemoteDBModule.ProcessRequest(const Context: THttpServerContext);
  Claim : TUserClaim;
  Claim := nil;
  if Context.Request.User<>nil then
    Claim := Context.Request.User.Claims.Find('roles');
  if (Claim=nil) or not (Claim.AsString='something') then
    {$IFDEF DEBUGLOG} Logger.Debug('Authentication failed. Sending www-authenticate header to client.'); {$ENDIF}
    Context.Response.Headers.SetValue('www-authenticate', 'Basic');
    Context.Response.StatusCode := 401;

  inherited ProcessRequest(Context);

'hope it would be helpful to someone else or for a next version ^^

That's how it's supposed to work. The authentication middleware (Basic or JWT, the current ones) all they do is process the authentication info from client request and assign (or not) the User property in the request. It's up to the module or others middleware in the chain to add business logic and check for the User and perform actions.

Alternatively to what you did you could simply add another custom middleware that does that (check for the User and return 401 or forward the request to RemoteDB Module), so you have your code a little bit more separated.

I did not give a try to custom middlewares for now but this is indeed a good idea, thank you !