Skip to content




API Explorer

Securing a Gloop service

By default, Gloop services exposed as ad hoc HTTP endpoints are accessible to all clients. You can add security metadata for each Gloop service to restrict access to authorized users or groups only. To do this, follow the steps below:

  1. Right click the Gloop file you want to secure in the Navigator view.
  2. Click Invoke Permissions.
  3. In the dialog, add the users and groups you want to authorize for the service.

Gloop service invoke permissions dialog

Gloop service invoke permissions dialog

Only users belonging to the list of authorized users or groups will be able to invoke the secured Gloop service's HTTP endpoint(s). Martini stores the security metadata in a file located at <martini-home>/conf/invoker-acl.xml.