Added RBAC for REST APIs. - admin role required for POST, PUT, DELETE & PATCH - viewer role required for all other requests - cleaned up all web.xml files for consistency and correctness Change-Id: I33bad5cec0fb0f4285eed84173025b0a107b5aec

commit: 67484d9008eb427b7e221ec688902bf1ce80664a [log] [tgz]
author: Thomas Vachuska <tom@opennetworking.org> Tue Jul 17 11:51:54 2018 -0700
committer: Thomas Vachuska <tom@opennetworking.org> Tue Jul 17 12:10:00 2018 -0700
tree: 84449ed5f6a925b3321d8dc2e2db32c0e0669e4f
parent: 3933295cd0aff9d669bd3ec27a7a78ac4ad216d1 [diff] [blame]
diff --git a/apps/mfwd/src/main/webapp/WEB-INF/web.xml b/apps/mfwd/src/main/webapp/WEB-INF/web.xml
index 9757ff4..19afe5e 100644
--- a/apps/mfwd/src/main/webapp/WEB-INF/web.xml
+++ b/apps/mfwd/src/main/webapp/WEB-INF/web.xml

@@ -20,6 +20,27 @@
          id="ONOS" version="2.5">
     <display-name>ONOS APP MFWD</display-name>
 
+    <security-constraint>
+        <web-resource-collection>
+            <web-resource-name>Secured</web-resource-name>
+            <url-pattern>/*</url-pattern>
+        </web-resource-collection>
+        <auth-constraint>
+            <role-name>admin</role-name>
+            <role-name>viewer</role-name>
+        </auth-constraint>
+    </security-constraint>
+
+    <security-role>
+        <role-name>admin</role-name>
+        <role-name>viewer</role-name>
+    </security-role>
+
+    <login-config>
+        <auth-method>BASIC</auth-method>
+        <realm-name>karaf</realm-name>
+    </login-config>
+
     <servlet>
         <servlet-name>JAX-RS Service</servlet-name>
         <servlet-class>org.glassfish.jersey.servlet.ServletContainer</servlet-class>
commit	67484d9008eb427b7e221ec688902bf1ce80664a	[log] [tgz]
author	Thomas Vachuska <tom@opennetworking.org>	Tue Jul 17 11:51:54 2018 -0700
committer	Thomas Vachuska <tom@opennetworking.org>	Tue Jul 17 12:10:00 2018 -0700
tree	84449ed5f6a925b3321d8dc2e2db32c0e0669e4f
parent	3933295cd0aff9d669bd3ec27a7a78ac4ad216d1 [diff] [blame]