summaryrefslogtreecommitdiffstats
path: root/base/tks/shared/webapps/tks/WEB-INF/web.xml
diff options
context:
space:
mode:
authorEndi Sukma Dewata <edewata@redhat.com>2012-10-23 18:05:50 -0500
committerEndi Sukma Dewata <edewata@redhat.com>2012-10-25 23:36:42 -0500
commit6359021315622e97ae3c074752548f915e4af00d (patch)
tree6fa92b4c2ac48d469b9fea0970931b005e3903ba /base/tks/shared/webapps/tks/WEB-INF/web.xml
parent7c105a64f41000737b85de832522738fd9af4200 (diff)
downloadpki-6359021315622e97ae3c074752548f915e4af00d.tar.gz
pki-6359021315622e97ae3c074752548f915e4af00d.tar.xz
pki-6359021315622e97ae3c074752548f915e4af00d.zip
Enabled account service for TKS and OCSP.
The REST account service has been added to TKS and OCSP to enable authentication. Ticket #375
Diffstat (limited to 'base/tks/shared/webapps/tks/WEB-INF/web.xml')
-rw-r--r--base/tks/shared/webapps/tks/WEB-INF/web.xml36
1 files changed, 35 insertions, 1 deletions
diff --git a/base/tks/shared/webapps/tks/WEB-INF/web.xml b/base/tks/shared/webapps/tks/WEB-INF/web.xml
index a06b2f213..b1958c033 100644
--- a/base/tks/shared/webapps/tks/WEB-INF/web.xml
+++ b/base/tks/shared/webapps/tks/WEB-INF/web.xml
@@ -417,5 +417,39 @@
<session-config>
<session-timeout>30</session-timeout>
</session-config>
-</web-app>
+ <security-constraint>
+ <web-resource-collection>
+ <web-resource-name>Account Services</web-resource-name>
+ <url-pattern>/rest/account/*</url-pattern>
+ </web-resource-collection>
+ <auth-constraint>
+ <role-name>*</role-name>
+ </auth-constraint>
+ <user-data-constraint>
+ <transport-guarantee>CONFIDENTIAL</transport-guarantee>
+ </user-data-constraint>
+ </security-constraint>
+
+ <security-constraint>
+ <web-resource-collection>
+ <web-resource-name>Admin Services</web-resource-name>
+ <url-pattern>/rest/admin/*</url-pattern>
+ </web-resource-collection>
+ <auth-constraint>
+ <role-name>*</role-name>
+ </auth-constraint>
+ <user-data-constraint>
+ <transport-guarantee>CONFIDENTIAL</transport-guarantee>
+ </user-data-constraint>
+ </security-constraint>
+
+ <login-config>
+ <realm-name>Token Key Service</realm-name>
+ </login-config>
+
+ <security-role>
+ <role-name>*</role-name>
+ </security-role>
+
+</web-app>