diff options
author | Endi Sukma Dewata <edewata@redhat.com> | 2012-10-23 18:05:50 -0500 |
---|---|---|
committer | Endi Sukma Dewata <edewata@redhat.com> | 2012-10-25 23:36:42 -0500 |
commit | 6359021315622e97ae3c074752548f915e4af00d (patch) | |
tree | 6fa92b4c2ac48d469b9fea0970931b005e3903ba /base/tks/shared/conf | |
parent | 7c105a64f41000737b85de832522738fd9af4200 (diff) | |
download | pki-6359021315622e97ae3c074752548f915e4af00d.tar.gz pki-6359021315622e97ae3c074752548f915e4af00d.tar.xz pki-6359021315622e97ae3c074752548f915e4af00d.zip |
Enabled account service for TKS and OCSP.
The REST account service has been added to TKS and OCSP to enable
authentication.
Ticket #375
Diffstat (limited to 'base/tks/shared/conf')
-rw-r--r-- | base/tks/shared/conf/acl.ldif | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/base/tks/shared/conf/acl.ldif b/base/tks/shared/conf/acl.ldif index b38b5963f..bed8ba7cb 100644 --- a/base/tks/shared/conf/acl.ldif +++ b/base/tks/shared/conf/acl.ldif @@ -28,3 +28,6 @@ resourceACLS: certServer.tks.randomdata:execute:allow (execute) group="Token Key resourceACLS: certServer.tks.registerUser:read,modify:allow (modify,read) group="Enterprise CA Administrators" || group="Enterprise KRA Administrators" || group="Enterprise OCSP Administrators" || group="Enterprise TKS Administrators" || group="Enterprise TPS Administrators":Only Enterprise Administrators are allowed to register a new agent resourceACLS: certServer.tks.importTransportCert:read,modify:allow (modify,read) group="Enterprise CA Administrators" || group="Enterprise KRA Administrators" || group="Enterprise OCSP Administrators" || group="Enterprise TKS Administrators" || group="Enterprise TPS Administrators":Only Enterprise Administrators are allowed to import transport certificate resourceACLS: certServer.clone.configuration:read,modify:allow (modify,read) group="Enterprise CA Administrators" || group="Enterprise KRA Administrators" || group="Enterprise OCSP Administrators" || group="Enterprise TKS Administrators":Only Enterprise Administrators are allowed to clone the configuration. +resourceACLS: certServer.tks.account:login,logout:allow (login,logout) user="anybody":Anybody can login and logout +resourceACLS: certServer.tks.groups:execute:allow (execute) group="Administrators":Admins may execute group operations +resourceACLS: certServer.tks.users:execute:allow (execute) group="Administrators":Admins may execute user operations |