From 7a533307bd03b6aa5853f32654db3bba7a2d26cb Mon Sep 17 00:00:00 2001
From: Endi Sukma Dewata <edewata@redhat.com>
Date: Wed, 10 Oct 2012 04:38:05 -0500
Subject: Added ACLInterceptor.

Previously ACL checking was done in PKIRealm by matching the URL.
This code has been replaced by ACLInterceptor which will intercept
RESTEasy method invocations. This allows more precise mapping of
REST methods to ACL entries in acl.ldif.

Ticket #287
---
 base/common/src/com/netscape/certsrv/account/AccountResource.java | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'base/common/src/com/netscape/certsrv/account')

diff --git a/base/common/src/com/netscape/certsrv/account/AccountResource.java b/base/common/src/com/netscape/certsrv/account/AccountResource.java
index ee40b24a8..a69a3d122 100644
--- a/base/common/src/com/netscape/certsrv/account/AccountResource.java
+++ b/base/common/src/com/netscape/certsrv/account/AccountResource.java
@@ -21,6 +21,8 @@ package com.netscape.certsrv.account;
 import javax.ws.rs.GET;
 import javax.ws.rs.Path;
 
+import com.netscape.certsrv.acls.ACLMapping;
+
 /**
  * @author Endi S. Dewata
  */
@@ -29,9 +31,11 @@ public interface AccountResource {
 
     @GET
     @Path("login")
+    @ACLMapping("account.login")
     public void login();
 
     @GET
     @Path("logout")
+    @ACLMapping("account.logout")
     public void logout();
 }
-- 
cgit