From b5d353f13eefeed5a234850d5c95e3fc03340d36 Mon Sep 17 00:00:00 2001 From: "Endi S. Dewata" Date: Thu, 14 Nov 2013 15:32:11 -0500 Subject: Replaced auth.properties with acl.properties. The ACL mapping files have been renamed from auth.properties to acl.properties to match the actual content and moved into the subsystem conf folder. The authentication method mapping files have been extracted from the interceptor into actual files. The ACLInterceptor and AuthMethodInterceptors have been modified to read the default mapping first, then overwrite it with custom mapping if it exists in the subsystem folder. The UpdateAuthzProperties upgrade script has been replaced with RemoveAuthProperties that will remove the old auth.properties. --- base/ocsp/shared/conf/acl.properties | 11 +++++++++++ base/ocsp/shared/conf/auth-method.properties | 12 ++++++++++++ base/ocsp/shared/webapps/ocsp/WEB-INF/auth.properties | 10 ---------- 3 files changed, 23 insertions(+), 10 deletions(-) create mode 100644 base/ocsp/shared/conf/acl.properties create mode 100644 base/ocsp/shared/conf/auth-method.properties delete mode 100644 base/ocsp/shared/webapps/ocsp/WEB-INF/auth.properties (limited to 'base/ocsp') diff --git a/base/ocsp/shared/conf/acl.properties b/base/ocsp/shared/conf/acl.properties new file mode 100644 index 000000000..67c68b37f --- /dev/null +++ b/base/ocsp/shared/conf/acl.properties @@ -0,0 +1,11 @@ +# ACL mapping +# +# Format: +# = , +# Example: +# users = certServer.ca.users,execute + +account.login = certServer.ocsp.account,login +account.logout = certServer.ocsp.account,logout +groups = certServer.ocsp.groups,execute +users = certServer.ocsp.users,execute diff --git a/base/ocsp/shared/conf/auth-method.properties b/base/ocsp/shared/conf/auth-method.properties new file mode 100644 index 000000000..5718fc6da --- /dev/null +++ b/base/ocsp/shared/conf/auth-method.properties @@ -0,0 +1,12 @@ +# Authentication method mapping +# +# Format: +# = ,... +# Example: +# default = * +# account = certUserDBAuthMgr,passwdUserDBAuthMgr + +default = * +account = certUserDBAuthMgr,passwdUserDBAuthMgr +groups = certUserDBAuthMgr +users = certUserDBAuthMgr diff --git a/base/ocsp/shared/webapps/ocsp/WEB-INF/auth.properties b/base/ocsp/shared/webapps/ocsp/WEB-INF/auth.properties deleted file mode 100644 index 9e138cb5a..000000000 --- a/base/ocsp/shared/webapps/ocsp/WEB-INF/auth.properties +++ /dev/null @@ -1,10 +0,0 @@ -# Restful API authorization mapping info -# -# Format: -# = , -# ex: admin.users = certServer.ca.users,read - -account.login = certServer.ocsp.account,login -account.logout = certServer.ocsp.account,logout -groups = certServer.ocsp.groups,execute -users = certServer.ocsp.users,execute -- cgit