diff options
Diffstat (limited to 'base/ca')
-rw-r--r-- | base/ca/shared/webapps/ca/WEB-INF/auth.properties | 18 | ||||
-rw-r--r-- | base/ca/src/com/netscape/ca/CertificateAuthorityApplication.java | 4 |
2 files changed, 13 insertions, 9 deletions
diff --git a/base/ca/shared/webapps/ca/WEB-INF/auth.properties b/base/ca/shared/webapps/ca/WEB-INF/auth.properties index 116bc94bf..08f5bea50 100644 --- a/base/ca/shared/webapps/ca/WEB-INF/auth.properties +++ b/base/ca/shared/webapps/ca/WEB-INF/auth.properties @@ -1,13 +1,13 @@ # Restful API auth/authz mapping info # # Format: -# <Rest API URL> = <ACL Resource ID>,<ACL resource operation> -# ex: /ca/pki/users = certServer.ca.users,read +# <ACL Mapping> = <ACL Resource ID>,<ACL Resource Operation> +# ex: admin.users = certServer.ca.users,read -/ca/rest/account/login = certServer.ca.account,login -/ca/rest/account/logout = certServer.ca.account,logout -/ca/rest/admin/users = certServer.ca.users,execute -/ca/rest/admin/groups = certServer.ca.groups,execute -/ca/rest/agent/certrequests = certServer.ca.certrequests,execute -/ca/rest/agent/certs = certServer.ca.certs,execute -/ca/rest/securityDomain/installToken = certServer.securitydomain.domainxml,read +account.login = certServer.ca.account,login +account.logout = certServer.ca.account,logout +admin.users = certServer.ca.users,execute +admin.groups = certServer.ca.groups,execute +agent.certrequests = certServer.ca.certrequests,execute +agent.certs = certServer.ca.certs,execute +securityDomain.installToken = certServer.securitydomain.domainxml,read diff --git a/base/ca/src/com/netscape/ca/CertificateAuthorityApplication.java b/base/ca/src/com/netscape/ca/CertificateAuthorityApplication.java index 42fd439de..bc6dd71a6 100644 --- a/base/ca/src/com/netscape/ca/CertificateAuthorityApplication.java +++ b/base/ca/src/com/netscape/ca/CertificateAuthorityApplication.java @@ -5,6 +5,7 @@ import java.util.Set; import javax.ws.rs.core.Application; +import com.netscape.certsrv.acls.ACLInterceptor; import com.netscape.certsrv.apps.CMS; import com.netscape.certsrv.base.EBaseException; import com.netscape.certsrv.base.IConfigStore; @@ -79,6 +80,9 @@ public class CertificateAuthorityApplication extends Application { // exception mapper classes.add(PKIException.Mapper.class); + + // ACL interceptor + singletons.add(new ACLInterceptor()); } public Set<Class<?>> getClasses() { |