Code Review
/
sdnc
/
oam.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
review
|
tree
raw
|
inline
| side by side
fix oauth startup issues
[sdnc/oam.git]
/
installation
/
sdnc
/
src
/
main
/
resources
/
oauth-aaa-app-config.xml
diff --git
a/installation/sdnc/src/main/resources/oauth-aaa-app-config.xml
b/installation/sdnc/src/main/resources/oauth-aaa-app-config.xml
index
643ed4d
..
65e34db
100644
(file)
--- a/
installation/sdnc/src/main/resources/oauth-aaa-app-config.xml
+++ b/
installation/sdnc/src/main/resources/oauth-aaa-app-config.xml
@@
-26,6
+26,7
@@
<main>
<pair-key>tokenAuthRealm</pair-key>
<main>
<pair-key>tokenAuthRealm</pair-key>
+ <!--<pair-value>org.opendaylight.aaa.shiro.realm.TokenAuthRealm</pair-value>-->
<pair-value>org.onap.ccsdk.features.sdnr.wt.oauthprovider.OAuth2Realm</pair-value>
</main>
<pair-value>org.onap.ccsdk.features.sdnr.wt.oauthprovider.OAuth2Realm</pair-value>
</main>
@@
-34,17
+35,14
@@
<pair-value>$tokenAuthRealm</pair-value>
</main>
<!-- Used to support OAuth2 use case. -->
<pair-value>$tokenAuthRealm</pair-value>
</main>
<!-- Used to support OAuth2 use case. -->
- <main>
- <pair-key>authcBasic</pair-key>
- <pair-value>org.opendaylight.aaa.shiro.filters.ODLHttpAuthenticationFilter</pair-value>
- </main>
<main>
<pair-key>anyroles</pair-key>
<main>
<pair-key>anyroles</pair-key>
- <pair-value>org.o
pendaylight.aaa.shiro
.filters.AnyRoleHttpAuthenticationFilter</pair-value>
+ <pair-value>org.o
nap.ccsdk.features.sdnr.wt.oauthprovider
.filters.AnyRoleHttpAuthenticationFilter</pair-value>
</main>
<main>
<pair-key>authcBearer</pair-key>
</main>
<main>
<pair-key>authcBearer</pair-key>
- <pair-value>org.opendaylight.aaa.shiro.filters.ODLHttpAuthenticationFilter2</pair-value>
+<!-- <pair-value>org.apache.shiro.web.filter.authc.BearerHttpAuthenticationFilter</pair-value>-->
+ <pair-value>org.onap.ccsdk.features.sdnr.wt.oauthprovider.filters.BearerAndBasicHttpAuthenticationFilter</pair-value>
</main>
<!-- in order to track AAA challenge attempts -->
</main>
<!-- in order to track AAA challenge attempts -->
@@
-60,7
+58,7
@@
<!-- Model based authorization scheme supporting RBAC for REST endpoints -->
<main>
<pair-key>dynamicAuthorization</pair-key>
<!-- Model based authorization scheme supporting RBAC for REST endpoints -->
<main>
<pair-key>dynamicAuthorization</pair-key>
- <pair-value>org.o
pendaylight.aaa.shiro.realm.
MDSALDynamicAuthorizationFilter</pair-value>
+ <pair-value>org.o
nap.ccsdk.features.sdnr.wt.oauthprovider.filters.Customized
MDSALDynamicAuthorizationFilter</pair-value>
</main>
</main>
@@
-70,11
+68,11
@@
</urls>
<urls>
<pair-key>/**/v1/**</pair-key>
</urls>
<urls>
<pair-key>/**/v1/**</pair-key>
- <pair-value>authcB
earer
, roles[admin]</pair-value>
+ <pair-value>authcB
asic
, roles[admin]</pair-value>
</urls>
<urls>
<pair-key>/**/config/aaa*/**</pair-key>
</urls>
<urls>
<pair-key>/**/config/aaa*/**</pair-key>
- <pair-value>authcB
earer
, roles[admin]</pair-value>
+ <pair-value>authcB
asic
, roles[admin]</pair-value>
</urls>
<urls>
<pair-key>/oauth/**</pair-key>
</urls>
<urls>
<pair-key>/oauth/**</pair-key>
@@
-94,7
+92,6
@@
</urls>
<urls>
<pair-key>/**</pair-key>
</urls>
<urls>
<pair-key>/**</pair-key>
- <pair-value>authcBearer,
anyroles["admin,provision"
]</pair-value>
+ <pair-value>authcBearer,
roles[admin
]</pair-value>
</urls>
</shiro-configuration>
</urls>
</shiro-configuration>
-