diff options
author | Endi S. Dewata <edewata@redhat.com> | 2013-11-14 15:32:11 -0500 |
---|---|---|
committer | Endi S. Dewata <edewata@redhat.com> | 2013-11-20 12:17:29 -0500 |
commit | b5d353f13eefeed5a234850d5c95e3fc03340d36 (patch) | |
tree | 8037b51b7be65fb010a8bb9f9de7a962804fef2d /base/ca | |
parent | b1a187e3e731f25a37f7df0a2cd361224125b531 (diff) | |
download | pki-b5d353f13eefeed5a234850d5c95e3fc03340d36.tar.gz pki-b5d353f13eefeed5a234850d5c95e3fc03340d36.tar.xz pki-b5d353f13eefeed5a234850d5c95e3fc03340d36.zip |
Replaced auth.properties with acl.properties.
The ACL mapping files have been renamed from auth.properties to
acl.properties to match the actual content and moved into the
subsystem conf folder. The authentication method mapping files
have been extracted from the interceptor into actual files.
The ACLInterceptor and AuthMethodInterceptors have been modified to read
the default mapping first, then overwrite it with custom mapping if it
exists in the subsystem folder.
The UpdateAuthzProperties upgrade script has been replaced with
RemoveAuthProperties that will remove the old auth.properties.
Diffstat (limited to 'base/ca')
-rw-r--r-- | base/ca/shared/conf/acl.properties (renamed from base/ca/shared/webapps/ca/WEB-INF/auth.properties) | 7 | ||||
-rw-r--r-- | base/ca/shared/conf/auth-method.properties | 18 |
2 files changed, 22 insertions, 3 deletions
diff --git a/base/ca/shared/webapps/ca/WEB-INF/auth.properties b/base/ca/shared/conf/acl.properties index 24ed2d6a5..1c6651e4f 100644 --- a/base/ca/shared/webapps/ca/WEB-INF/auth.properties +++ b/base/ca/shared/conf/acl.properties @@ -1,8 +1,9 @@ -# Restful API authorization mapping info +# ACL mapping # # Format: -# <mapping name> = <resource ID>,<operation> -# ex: admin.users = certServer.ca.users,read +# <mapping name> = <resource ID>,<operation> +# Example: +# users = certServer.ca.users,execute account.login = certServer.ca.account,login account.logout = certServer.ca.account,logout diff --git a/base/ca/shared/conf/auth-method.properties b/base/ca/shared/conf/auth-method.properties new file mode 100644 index 000000000..a213534ad --- /dev/null +++ b/base/ca/shared/conf/auth-method.properties @@ -0,0 +1,18 @@ +# Authentication method mapping +# +# Format: +# <mapping name> = <authentication manager>,... +# Example: +# default = * +# account = certUserDBAuthMgr,passwdUserDBAuthMgr + +default = * +account = certUserDBAuthMgr,passwdUserDBAuthMgr +certs = certUserDBAuthMgr +certrequests = certUserDBAuthMgr +groups = certUserDBAuthMgr +kraconnectors = certUserDBAuthMgr +profiles = certUserDBAuthMgr +securityDomain.installToken = passwdUserDBAuthMgr +selftests = certUserDBAuthMgr +users = certUserDBAuthMgr |