diff options
author | Endi Sukma Dewata <edewata@redhat.com> | 2012-07-26 20:40:08 -0500 |
---|---|---|
committer | Endi Sukma Dewata <edewata@redhat.com> | 2012-08-03 17:07:13 -0500 |
commit | eca4d635e67eaf3c6878d35acfaaf11df53151e2 (patch) | |
tree | 32d947e0eeec6a36ea9cc1e7ebf0804b487da7e2 /base/kra/shared/webapps/kra/WEB-INF/auth.properties | |
parent | 1d85941aa2f80f3da619504fe4310fe47cb5b036 (diff) | |
download | pki-eca4d635e67eaf3c6878d35acfaaf11df53151e2.tar.gz pki-eca4d635e67eaf3c6878d35acfaaf11df53151e2.tar.xz pki-eca4d635e67eaf3c6878d35acfaaf11df53151e2.zip |
Moved REST services into separate URLs.
To support different access control configurations the REST
services have been separated by roles. Services that don't
need authentication will be available under /rest. Services
that require agent rights will be available under /rest/agent.
Services that require admin rights will be available under
/rest/admin.
Ticket #107
Diffstat (limited to 'base/kra/shared/webapps/kra/WEB-INF/auth.properties')
-rw-r--r-- | base/kra/shared/webapps/kra/WEB-INF/auth.properties | 14 |
1 files changed, 4 insertions, 10 deletions
diff --git a/base/kra/shared/webapps/kra/WEB-INF/auth.properties b/base/kra/shared/webapps/kra/WEB-INF/auth.properties index a206aa9e4..d2ba3075e 100644 --- a/base/kra/shared/webapps/kra/WEB-INF/auth.properties +++ b/base/kra/shared/webapps/kra/WEB-INF/auth.properties @@ -4,13 +4,7 @@ # <Rest API URL> = <ACL Resource ID>,<ACL resource operation> # ex: /kra/pki/key/retrieve = certServer.kra.pki.key.retrieve,execute -/kra/pki/key/retrieve = certServer.kra.pki.key.retrieve,execute -/kra/pki/keyrequests = certServer.kra.pki.keyrequests,read -/kra/pki/keyrequest = certServer.kra.pki.keyrequest,read -/kra/pki/keyrequest/archive = certServer.kra.pki.keyrequest.archive,execute -/kra/pki/keyrequest/recover = certServer.kra.pki.keyrequest.recover,execute -/kra/pki/keyrequest/approve = certServer.kra.pki.keyrequest.approve,execute -/kra/pki/keyrequest/reject = certServer.kra.pki.keyrequest.reject,execute -/kra/pki/keyrequest/cancel = certServer.kra.pki.keyrequest.cancel,execute -/kra/pki/keys = certServer.kra.pki.keys,read -/kra/pki/config/cert/transport = certServer.kra.pki.config.cert.transport,read +/kra/rest/admin/users = certServer.kra.users,execute +/kra/rest/admin/groups = certServer.kra.groups,execute +/kra/rest/agent/keys = certServer.kra.keys,execute +/kra/rest/agent/keyrequests = certServer.kra.keyrequests,execute |