summaryrefslogtreecommitdiffstats
path: root/pki/base/test
diff options
context:
space:
mode:
authorEndi Sukma Dewata <edewata@redhat.com>2013-02-01 13:05:38 -0500
committerEndi Sukma Dewata <edewata@redhat.com>2013-02-12 22:32:51 -0500
commitaf5d06d241b33cea3a9e6b54ead00436fb2d5edc (patch)
tree01341b098eecc7acb7579061cf708b8b309c3188 /pki/base/test
parent12bd85dc50052107e5dccff56f4110b133aafdc1 (diff)
downloadpki-ticket-477-4.tar.gz
pki-ticket-477-4.tar.xz
pki-ticket-477-4.zip
Added authentication method validation.ticket-477-4
A new mechanism has been added to limit the authentication methods that can be used to invoke the REST methods. The AuthMethodMapping annotation maps each REST method to a list of allowed authentication methods defined auth-method.properties. When a client calls a REST method, the AuthMethod- Interceptor will intercept the call and verify that the client uses an allowed authentication method. For security reason, most REST methods that require authentication have been configured to require client certificate authentication. Authentication using username and password will only be used to get the installation token from security domain. The auth.properties have been renamed to acl.properties since it's used to store ACL mappings. Ticket #477
Diffstat (limited to 'pki/base/test')
0 files changed, 0 insertions, 0 deletions