diff options
| author | Shireesh Anjal <shireesh@gluster.com> | 2011-07-19 20:12:36 +0530 |
|---|---|---|
| committer | Shireesh Anjal <shireesh@gluster.com> | 2011-07-19 20:12:36 +0530 |
| commit | 7f3340c007bd6bb5f421373b0c7334fc8d5fd8ac (patch) | |
| tree | b55377c5954ad191c41c56f8d0d4bf1719a211d9 /src/com.gluster.storage.management.server | |
| parent | 629415409ceed7155090d6d7485043c6cf9bee87 (diff) | |
Security configuration to make sure that all REST calls are authenticated.
Diffstat (limited to 'src/com.gluster.storage.management.server')
| -rw-r--r-- | src/com.gluster.storage.management.server/src/spring/gluster-server-security.xml | 15 |
1 files changed, 6 insertions, 9 deletions
diff --git a/src/com.gluster.storage.management.server/src/spring/gluster-server-security.xml b/src/com.gluster.storage.management.server/src/spring/gluster-server-security.xml index 6f3ad72f..abcd8c05 100644 --- a/src/com.gluster.storage.management.server/src/spring/gluster-server-security.xml +++ b/src/com.gluster.storage.management.server/src/spring/gluster-server-security.xml @@ -11,16 +11,13 @@ "> <http auto-config="true" use-expressions="true"> - <!-- intercept-url pattern="/1.0/*" - access="hasRole('ROLE_ADMIN') and fullyAuthenticated" /> - <intercept-url pattern="/*" access="permitAll" /--> - <!-- SSL Protection --> - <intercept-url pattern="/*" access="hasRole('ROLE_ADMIN') and fullyAuthenticated" requires-channel="https" /> - <!-- intercept-url pattern="/*" access="permitAll" requires-channel="any" /--> - <port-mappings> - <port-mapping http="8080" https="8443" /> - </port-mappings> + <intercept-url pattern="/1.0/**" access="hasRole('ROLE_ADMIN') and fullyAuthenticated" requires-channel="https" /> + <intercept-url pattern="*.jnlp" access="hasRole('ROLE_ADMIN') and fullyAuthenticated" requires-channel="any" /> + <!-- intercept-url pattern="/*" access="permitAll" requires-channel="any" / --> + <port-mappings> + <port-mapping http="8080" https="8443" /> + </port-mappings> <!-- HTTP basic authentication --> <http-basic /> |