Added AuthMapping annotation.ticket-477-3ticket-474-7

A new AuthMapping annotation has been added to configure the required
authentication methods to acces each REST method. The annotation maps each
method into a list of authentication methods in auth.properties.

For security reason, most REST methods that require authentication have been
configured to require client certificate authentication. Authentication using
username and password will only be used to get installation token from the
security domain.

Previously the auth.properties files were used to store ACL mappings. Now the
ACL mappings have been moved into acl.properties.

Ticket #477

1 files changed, 2 insertions, 0 deletions

diff --git a/base/common/src/com/netscape/certsrv/key/KeyRequestResource.java b/base/common/src/com/netscape/certsrv/key/KeyRequestResource.java
index 9f1ffbe02..fc1132f9c 100644
--- a/base/common/src/com/netscape/certsrv/key/KeyRequestResource.java
+++ b/base/common/src/com/netscape/certsrv/key/KeyRequestResource.java
@@ -11,10 +11,12 @@ import javax.ws.rs.core.MediaType;
 import javax.ws.rs.core.MultivaluedMap;
 
 import com.netscape.certsrv.acls.ACLMapping;
+import com.netscape.certsrv.authentication.AuthMapping;
 import com.netscape.certsrv.request.RequestId;
 
 @Path("agent/keyrequests")
 @ACLMapping("agent.keyrequests")
+@AuthMapping("agent")
 public interface KeyRequestResource {
 
     public final String SYMMETRIC_KEY_TYPE = "symmetricKey";