Added ACL for TPS authenticators.

New ACL has been added to allow only the administrators to access TPS authenticators. The set of interceptors in each application has been modified to preserve the order. Ticket #652
author: Endi S. Dewata <edewata@redhat.com> 2013-11-13 13:52:31 -0500
committer: Endi S. Dewata <edewata@redhat.com> 2013-11-14 16:54:54 -0500
commit: b7716af212ba857f45efa7f1811d92e916abbe26 (patch)
tree: c8e78ae39fc3e7eea38e2c7aff2443d0cf1cf526 /base/common/src/com/netscape/certsrv/tps
parent: 0aab0a6d60f139e958020cc59e07faf9517c235b (diff)
download: pki-b7716af212ba857f45efa7f1811d92e916abbe26.tar.gz
pki-b7716af212ba857f45efa7f1811d92e916abbe26.tar.xz
pki-b7716af212ba857f45efa7f1811d92e916abbe26.zip
1 files changed, 8 insertions, 0 deletions
diff --git a/base/common/src/com/netscape/certsrv/tps/authenticator/AuthenticatorResource.java b/base/common/src/com/netscape/certsrv/tps/authenticator/AuthenticatorResource.java
index 8e9f7284a..6a2ef0d9a 100644
--- a/base/common/src/com/netscape/certsrv/tps/authenticator/AuthenticatorResource.java
+++ b/base/common/src/com/netscape/certsrv/tps/authenticator/AuthenticatorResource.java
@@ -31,11 +31,16 @@ import javax.ws.rs.core.Response;
 
 import org.jboss.resteasy.annotations.ClientResponseType;
 
+import com.netscape.certsrv.acls.ACLMapping;
+import com.netscape.certsrv.authentication.AuthMethodMapping;
+
 
 /**
  * @author Endi S. Dewata
  */
 @Path("authenticators")
+@AuthMethodMapping("authenticators")
+@ACLMapping("authenticators.read")
 public interface AuthenticatorResource {
 
     @GET
@@ -53,6 +58,7 @@ public interface AuthenticatorResource {
     @ClientResponseType(entityType=AuthenticatorData.class)
     @Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
     @Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
+    @ACLMapping("authenticators.add")
     public Response addAuthenticator(AuthenticatorData authenticatorData);
 
     @PUT
@@ -60,6 +66,7 @@ public interface AuthenticatorResource {
     @ClientResponseType(entityType=AuthenticatorData.class)
     @Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
     @Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
+    @ACLMapping("authenticators.modify")
     public Response updateAuthenticator(
             @PathParam("authenticatorID") String authenticatorID,
             AuthenticatorData authenticatorData);
@@ -67,5 +74,6 @@ public interface AuthenticatorResource {
     @DELETE
     @Path("{authenticatorID}")
     @Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
+    @ACLMapping("authenticators.remove")
     public void removeAuthenticator(@PathParam("authenticatorID") String authenticatorID);
 }
author	Endi S. Dewata <edewata@redhat.com>	2013-11-13 13:52:31 -0500
committer	Endi S. Dewata <edewata@redhat.com>	2013-11-14 16:54:54 -0500
commit	b7716af212ba857f45efa7f1811d92e916abbe26 (patch)
tree	c8e78ae39fc3e7eea38e2c7aff2443d0cf1cf526 /base/common/src/com/netscape/certsrv/tps
parent	0aab0a6d60f139e958020cc59e07faf9517c235b (diff)
download	pki-b7716af212ba857f45efa7f1811d92e916abbe26.tar.gz pki-b7716af212ba857f45efa7f1811d92e916abbe26.tar.xz pki-b7716af212ba857f45efa7f1811d92e916abbe26.zip