summaryrefslogtreecommitdiffstats
path: root/base/tks
diff options
context:
space:
mode:
Diffstat (limited to 'base/tks')
-rw-r--r--base/tks/shared/webapps/tks/WEB-INF/acl.properties (renamed from base/tks/shared/webapps/tks/WEB-INF/auth.properties)6
-rw-r--r--base/tks/shared/webapps/tks/WEB-INF/auth-method.properties9
-rw-r--r--base/tks/src/com/netscape/tks/TKSApplication.java4
3 files changed, 15 insertions, 4 deletions
diff --git a/base/tks/shared/webapps/tks/WEB-INF/auth.properties b/base/tks/shared/webapps/tks/WEB-INF/acl.properties
index 6de7f08e5..62367135e 100644
--- a/base/tks/shared/webapps/tks/WEB-INF/auth.properties
+++ b/base/tks/shared/webapps/tks/WEB-INF/acl.properties
@@ -1,8 +1,8 @@
-# Restful API auth/authz mapping info
+# Restful API authorization mapping info
#
# Format:
-# <ACL Mapping> = <ACL Resource ID>,<ACL Resource Operation>
-# ex: admin.users = certServer.ca.users,read
+# <mapping name> = <resource ID>,<operation>
+# ex: admin.users = certServer.ca.users,read
account.login = certServer.tks.account,login
account.logout = certServer.tks.account,logout
diff --git a/base/tks/shared/webapps/tks/WEB-INF/auth-method.properties b/base/tks/shared/webapps/tks/WEB-INF/auth-method.properties
new file mode 100644
index 000000000..81e24403f
--- /dev/null
+++ b/base/tks/shared/webapps/tks/WEB-INF/auth-method.properties
@@ -0,0 +1,9 @@
+# Restful API auth mapping info
+#
+# Format:
+# <mapping name> = <allowed auth methods>
+# ex: admin.users = certUserDBAuthMgr,passwdUserDBAuthMgr
+
+default = *
+account = certUserDBAuthMgr,passwdUserDBAuthMgr
+admin = certUserDBAuthMgr
diff --git a/base/tks/src/com/netscape/tks/TKSApplication.java b/base/tks/src/com/netscape/tks/TKSApplication.java
index 229a64c95..6dfbeae0b 100644
--- a/base/tks/src/com/netscape/tks/TKSApplication.java
+++ b/base/tks/src/com/netscape/tks/TKSApplication.java
@@ -6,6 +6,7 @@ import java.util.Set;
import javax.ws.rs.core.Application;
import com.netscape.certsrv.acls.ACLInterceptor;
+import com.netscape.certsrv.authentication.AuthMethodInterceptor;
import com.netscape.certsrv.base.PKIException;
import com.netscape.cms.servlet.account.AccountService;
import com.netscape.cms.servlet.admin.GroupMemberService;
@@ -40,7 +41,8 @@ public class TKSApplication extends Application {
// exception mapper
classes.add(PKIException.Mapper.class);
- // ACL interceptor
+ // interceptors
+ singletons.add(new AuthMethodInterceptor());
singletons.add(new ACLInterceptor());
}
generated by cgit (git 2.34.1) at 2024-05-04 20:20:11 +0000