| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A new mechanism has been added to limit the authentication methods that
can be used to invoke the REST methods. The AuthMethodMapping annotation
maps each REST method to a list of allowed authentication methods defined
auth-method.properties. When a client calls a REST method, the AuthMethod-
Interceptor will intercept the call and verify that the client uses an
allowed authentication method.
For security reason, most REST methods that require authentication have been
configured to require client certificate authentication. Authentication using
username and password will only be used to get the installation token from
security domain.
The auth.properties have been renamed to acl.properties since it's used to
store ACL mappings.
Ticket #477
|
|
|
|
|
|
|
|
| |
New CLI's have been added to search, add, and remove user membership.
The group member management code has been refactored into a processor
to allow reuse.
Ticket #190
|
|
|
|
|
|
|
|
|
| |
Previously ACL checking was done in PKIRealm by matching the URL.
This code has been replaced by ACLInterceptor which will intercept
RESTEasy method invocations. This allows more precise mapping of
REST methods to ACL entries in acl.ldif.
Ticket #287
|
|
|
|
|
|
|
|
|
| |
A REST account service has been added to allow client to login
to establish a session and to logout to destroy the session. This
way multiple operations can be executed using the same session
without having to re-authenticate.
Ticket #357
|
|
|
|
|
|
|
| |
The common classes used by REST client and services have been moved
into the com.netscape.certsrv.<component> packages.
Ticket #215
|
|
|
|
|
|
|
| |
The REST common classes have been renamed for better clarity
and consistency.
Ticket #259
|
|
|
|
|
|
|
| |
The REST server classes have been renamed for better clarity
and consistency.
Ticket #259
|
| |
|
| |
|
|
|