summaryrefslogtreecommitdiffstats
path: root/base/ocsp/shared
diff options
context:
space:
mode:
authorEndi Sukma Dewata <edewata@redhat.com>2012-10-10 04:38:05 -0500
committerEndi Sukma Dewata <edewata@redhat.com>2012-11-08 11:20:05 -0500
commitcb209df95c4dee11f2a912e20b417fa3bc41c88f (patch)
treeb50824cdfd3bc4ec3db905b94ef7750d9ff74844 /base/ocsp/shared
parent906acfd2c82d195a7c55a2af7c4d7abe8ed2655a (diff)
downloadpki-cb209df95c4dee11f2a912e20b417fa3bc41c88f.tar.gz
pki-cb209df95c4dee11f2a912e20b417fa3bc41c88f.tar.xz
pki-cb209df95c4dee11f2a912e20b417fa3bc41c88f.zip
Added ACLInterceptor.
Previously ACL checking was done in PKIRealm by matching the URL. This code has been replaced by ACLInterceptor which will intercept RESTEasy method invocations. This allows more precise mapping of REST methods to ACL entries in acl.ldif. Ticket #287
Diffstat (limited to 'base/ocsp/shared')
-rw-r--r--base/ocsp/shared/webapps/ocsp/WEB-INF/auth.properties12
1 files changed, 6 insertions, 6 deletions
diff --git a/base/ocsp/shared/webapps/ocsp/WEB-INF/auth.properties b/base/ocsp/shared/webapps/ocsp/WEB-INF/auth.properties
index 8eda09bc3..cd2e14058 100644
--- a/base/ocsp/shared/webapps/ocsp/WEB-INF/auth.properties
+++ b/base/ocsp/shared/webapps/ocsp/WEB-INF/auth.properties
@@ -1,10 +1,10 @@
# Restful API auth/authz mapping info
#
# Format:
-# <Rest API URL> = <ACL Resource ID>,<ACL resource operation>
-# ex: /kra/pki/key/retrieve = certServer.kra.pki.key.retrieve,execute
+# <ACL Mapping> = <ACL Resource ID>,<ACL Resource Operation>
+# ex: admin.users = certServer.ca.users,read
-/ocsp/rest/account/login = certServer.ocsp.account,login
-/ocsp/rest/account/logout = certServer.ocsp.account,logout
-/ocsp/rest/admin/users = certServer.ocsp.users,execute
-/ocsp/rest/admin/groups = certServer.ocsp.groups,execute
+account.login = certServer.ocsp.account,login
+account.logout = certServer.ocsp.account,logout
+admin.users = certServer.ocsp.users,execute
+admin.groups = certServer.ocsp.groups,execute