From ba75a144f4c57c0e804fdd6e86eaae40e5822b14 Mon Sep 17 00:00:00 2001 From: Endi Sukma Dewata Date: Fri, 1 Feb 2013 13:05:38 -0500 Subject: Added configuration file for authentication method validation. The auth.properties have been converted into a configuration file to store the list of allowed authentication methods for each REST method. The old auth.properties have been renamed to acl.properties since it's used to store ACL mappings. Ticket #510 --- base/kra/shared/webapps/kra/WEB-INF/acl.properties | 12 ++++++++++++ base/kra/shared/webapps/kra/WEB-INF/auth-method.properties | 10 ++++++++++ base/kra/shared/webapps/kra/WEB-INF/auth.properties | 12 ------------ 3 files changed, 22 insertions(+), 12 deletions(-) create mode 100644 base/kra/shared/webapps/kra/WEB-INF/acl.properties create mode 100644 base/kra/shared/webapps/kra/WEB-INF/auth-method.properties delete mode 100644 base/kra/shared/webapps/kra/WEB-INF/auth.properties (limited to 'base/kra/shared/webapps') diff --git a/base/kra/shared/webapps/kra/WEB-INF/acl.properties b/base/kra/shared/webapps/kra/WEB-INF/acl.properties new file mode 100644 index 000000000..952bdad33 --- /dev/null +++ b/base/kra/shared/webapps/kra/WEB-INF/acl.properties @@ -0,0 +1,12 @@ +# Restful API authorization mapping info +# +# Format: +# = , +# ex: admin.users = certServer.ca.users,read + +account.login = certServer.kra.account,login +account.logout = certServer.kra.account,logout +admin.users = certServer.kra.users,execute +admin.groups = certServer.kra.groups,execute +agent.keys = certServer.kra.keys,execute +agent.keyrequests = certServer.kra.keyrequests,execute diff --git a/base/kra/shared/webapps/kra/WEB-INF/auth-method.properties b/base/kra/shared/webapps/kra/WEB-INF/auth-method.properties new file mode 100644 index 000000000..29a2f2381 --- /dev/null +++ b/base/kra/shared/webapps/kra/WEB-INF/auth-method.properties @@ -0,0 +1,10 @@ +# Restful API auth mapping info +# +# Format: +# = +# ex: admin.users = certUserDBAuthMgr,passwdUserDBAuthMgr + +default = * +account = certUserDBAuthMgr,passwdUserDBAuthMgr +admin = certUserDBAuthMgr +agent = certUserDBAuthMgr diff --git a/base/kra/shared/webapps/kra/WEB-INF/auth.properties b/base/kra/shared/webapps/kra/WEB-INF/auth.properties deleted file mode 100644 index 952bdad33..000000000 --- a/base/kra/shared/webapps/kra/WEB-INF/auth.properties +++ /dev/null @@ -1,12 +0,0 @@ -# Restful API authorization mapping info -# -# Format: -# = , -# ex: admin.users = certServer.ca.users,read - -account.login = certServer.kra.account,login -account.logout = certServer.kra.account,logout -admin.users = certServer.kra.users,execute -admin.groups = certServer.kra.groups,execute -agent.keys = certServer.kra.keys,execute -agent.keyrequests = certServer.kra.keyrequests,execute -- cgit