From 1465ca82ef3436344992f8a428b5781c437b901a Mon Sep 17 00:00:00 2001 From: Endi Sukma Dewata Date: Fri, 1 Feb 2013 13:05:38 -0500 Subject: Added AuthMapping annotation. A new AuthMapping annotation has been added to configure the required authentication methods to acces each REST method. The annotation maps each method into a list of authentication methods in auth.properties. For security reason, most REST methods that require authentication have been configured to require client certificate authentication. Authentication using username and password will only be used to get installation token from the security domain. Previously the auth.properties files were used to store ACL mappings. Now the ACL mappings have been moved into acl.properties. Ticket #477 --- base/ocsp/shared/webapps/ocsp/WEB-INF/auth.properties | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) (limited to 'base/ocsp/shared/webapps/ocsp/WEB-INF/auth.properties') diff --git a/base/ocsp/shared/webapps/ocsp/WEB-INF/auth.properties b/base/ocsp/shared/webapps/ocsp/WEB-INF/auth.properties index cd2e14058..81e24403f 100644 --- a/base/ocsp/shared/webapps/ocsp/WEB-INF/auth.properties +++ b/base/ocsp/shared/webapps/ocsp/WEB-INF/auth.properties @@ -1,10 +1,9 @@ -# Restful API auth/authz mapping info +# Restful API auth mapping info # # Format: -# = , -# ex: admin.users = certServer.ca.users,read +# = +# ex: admin.users = certUserDBAuthMgr,passwdUserDBAuthMgr -account.login = certServer.ocsp.account,login -account.logout = certServer.ocsp.account,logout -admin.users = certServer.ocsp.users,execute -admin.groups = certServer.ocsp.groups,execute +default = * +account = certUserDBAuthMgr,passwdUserDBAuthMgr +admin = certUserDBAuthMgr -- cgit