diff options
author | Endi Sukma Dewata <edewata@redhat.com> | 2012-10-08 14:50:26 -0500 |
---|---|---|
committer | Endi Sukma Dewata <edewata@redhat.com> | 2012-10-22 17:12:20 -0500 |
commit | 1723a2ecd9d4d741ecd6d292712eeaea9d19bde9 (patch) | |
tree | f9812748c4d5c8895a8da7be352983eb792ed000 /base/ca/shared/webapps | |
parent | 1c45197227a0d54b525d4b40f66aa96aeb4f2e6a (diff) | |
download | pki-1723a2ecd9d4d741ecd6d292712eeaea9d19bde9.tar.gz pki-1723a2ecd9d4d741ecd6d292712eeaea9d19bde9.tar.xz pki-1723a2ecd9d4d741ecd6d292712eeaea9d19bde9.zip |
Added REST account service.
A REST account service has been added to allow client to login
to establish a session and to logout to destroy the session. This
way multiple operations can be executed using the same session
without having to re-authenticate.
Ticket #357
Diffstat (limited to 'base/ca/shared/webapps')
-rw-r--r-- | base/ca/shared/webapps/ca/WEB-INF/auth.properties | 2 | ||||
-rw-r--r-- | base/ca/shared/webapps/ca/WEB-INF/web.xml | 13 |
2 files changed, 15 insertions, 0 deletions
diff --git a/base/ca/shared/webapps/ca/WEB-INF/auth.properties b/base/ca/shared/webapps/ca/WEB-INF/auth.properties index b13795760..21ec281da 100644 --- a/base/ca/shared/webapps/ca/WEB-INF/auth.properties +++ b/base/ca/shared/webapps/ca/WEB-INF/auth.properties @@ -4,6 +4,8 @@ # <Rest API URL> = <ACL Resource ID>,<ACL resource operation> # ex: /ca/pki/users = certServer.ca.users,read +/ca/rest/account/login = certServer.ca.account,login +/ca/rest/account/logout = certServer.ca.account,logout /ca/rest/admin/users = certServer.ca.users,execute /ca/rest/admin/groups = certServer.ca.groups,execute /ca/rest/agent/certs = certServer.ca.certs,execute diff --git a/base/ca/shared/webapps/ca/WEB-INF/web.xml b/base/ca/shared/webapps/ca/WEB-INF/web.xml index 9f876e5c2..47ad924c5 100644 --- a/base/ca/shared/webapps/ca/WEB-INF/web.xml +++ b/base/ca/shared/webapps/ca/WEB-INF/web.xml @@ -2387,6 +2387,19 @@ <security-constraint> <web-resource-collection> + <web-resource-name>Account Services</web-resource-name> + <url-pattern>/rest/account/*</url-pattern> + </web-resource-collection> + <auth-constraint> + <role-name>*</role-name> + </auth-constraint> + <user-data-constraint> + <transport-guarantee>CONFIDENTIAL</transport-guarantee> + </user-data-constraint> + </security-constraint> + + <security-constraint> + <web-resource-collection> <web-resource-name>Admin Services</web-resource-name> <url-pattern>/rest/admin/*</url-pattern> </web-resource-collection> |