From f49c98ca0cbfc0def8f055c2d97c031ff0f4a439 Mon Sep 17 00:00:00 2001 From: Endi Sukma Dewata Date: Fri, 1 Feb 2013 13:05:38 -0500 Subject: Added authentication method validation. A new mechanism has been added to specify the authentication methods that can be used to invoke the REST methods. The AuthMethodMapping annotation maps each REST method to a list of allowed authentication methods. When a client calls a REST method, the AuthMethodInterceptor will intercept the call and verify that the client uses an allowed authentication method. Most REST methods that require authentication have been configured to require client certificate authentication. Authentication using username and password will only be used to get the installation token from security domain. Ticket #477 --- base/common/src/com/netscape/certsrv/group/GroupResource.java | 2 ++ 1 file changed, 2 insertions(+) (limited to 'base/common/src/com/netscape/certsrv/group/GroupResource.java') diff --git a/base/common/src/com/netscape/certsrv/group/GroupResource.java b/base/common/src/com/netscape/certsrv/group/GroupResource.java index 17728dd13..ffe32e2cd 100644 --- a/base/common/src/com/netscape/certsrv/group/GroupResource.java +++ b/base/common/src/com/netscape/certsrv/group/GroupResource.java @@ -32,12 +32,14 @@ import javax.ws.rs.core.Response; import org.jboss.resteasy.annotations.ClientResponseType; import com.netscape.certsrv.acls.ACLMapping; +import com.netscape.certsrv.authentication.AuthMethodMapping; /** * @author Endi S. Dewata */ @Path("admin/groups") @ACLMapping("admin.groups") +@AuthMethodMapping("admin") public interface GroupResource { @GET -- cgit