From 7a533307bd03b6aa5853f32654db3bba7a2d26cb Mon Sep 17 00:00:00 2001 From: Endi Sukma Dewata Date: Wed, 10 Oct 2012 04:38:05 -0500 Subject: Added ACLInterceptor. Previously ACL checking was done in PKIRealm by matching the URL. This code has been replaced by ACLInterceptor which will intercept RESTEasy method invocations. This allows more precise mapping of REST methods to ACL entries in acl.ldif. Ticket #287 --- base/ca/shared/webapps/ca/WEB-INF/auth.properties | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) (limited to 'base/ca/shared/webapps/ca/WEB-INF/auth.properties') diff --git a/base/ca/shared/webapps/ca/WEB-INF/auth.properties b/base/ca/shared/webapps/ca/WEB-INF/auth.properties index 116bc94bf..08f5bea50 100644 --- a/base/ca/shared/webapps/ca/WEB-INF/auth.properties +++ b/base/ca/shared/webapps/ca/WEB-INF/auth.properties @@ -1,13 +1,13 @@ # Restful API auth/authz mapping info # # Format: -# = , -# ex: /ca/pki/users = certServer.ca.users,read +# = , +# ex: admin.users = certServer.ca.users,read -/ca/rest/account/login = certServer.ca.account,login -/ca/rest/account/logout = certServer.ca.account,logout -/ca/rest/admin/users = certServer.ca.users,execute -/ca/rest/admin/groups = certServer.ca.groups,execute -/ca/rest/agent/certrequests = certServer.ca.certrequests,execute -/ca/rest/agent/certs = certServer.ca.certs,execute -/ca/rest/securityDomain/installToken = certServer.securitydomain.domainxml,read +account.login = certServer.ca.account,login +account.logout = certServer.ca.account,logout +admin.users = certServer.ca.users,execute +admin.groups = certServer.ca.groups,execute +agent.certrequests = certServer.ca.certrequests,execute +agent.certs = certServer.ca.certs,execute +securityDomain.installToken = certServer.securitydomain.domainxml,read -- cgit