Protecting static content in Bluemix

Share: Share on FacebookTweet about this on TwitterShare on Google+Share on LinkedInShare on RedditEmail this to someonePrint this page

Single Sign-On

A client developing a prototype application on IBM Bluemix wanted to share their application with just a few developers.  Not a problem I thought, I’ve used the Bluemix SSO service  (Single Sign-on) with both Java and Node apps and it’s easy to use.  The service is simple to create and configure and the documentation and code examples are straightforward.

There was a twist though, that threw me for a loop.  Since the application was a prototype, everything was static HTML: just wireframes displayed using Node express as the web engine.  All of the examples I found assume you’re protecting a dynamic application.

Node passport module

Well it did turn out to be pretty simple after I fumbled around for a few hours, spending time reading about the Node passport module.  I’ll share the few extra lines of code here that I added to my application.  You can find a working example here (ID/password of user/password) with complete source here.

Since the app is just serving up static content, express needs to know the static directory, www in this case.

ensureAuthenticated middleware

With express you normally set up each route individually – it’s on these routes that you’d call the ensureAuthenticated middleware function.  For static content though we don’t know the routes ahead of time so we need to have every route go through the ensureAuthenticated middleware:

Finally, modify ensureAuthenticated to filter out the login and authenticate URLs.  This is needed because we’re passing every request through the ensureAuthenticated middleware.  If we didn’t filter out these routes we’d get caught in a loop.

I’d like to say I figured this out in just a few minutes, but I didn’t..  Hopefully this will save you some time if you’d like to throw up a simple static app on IBM Bluemix and hide it from the world.

 

Share: Share on FacebookTweet about this on TwitterShare on Google+Share on LinkedInShare on RedditEmail this to someonePrint this page

One comment

Leave a Reply

Your email address will not be published. Required fields are marked *