commit 67484d9008eb427b7e221ec688902bf1ce80664a
author Thomas Vachuska <tom@opennetworking.org> Tue Jul 17 11:51:54 2018 -0700
committer Thomas Vachuska <tom@opennetworking.org> Tue Jul 17 12:10:00 2018 -0700
tree 84449ed5f6a925b3321d8dc2e2db32c0e0669e4f
parent 3933295cd0aff9d669bd3ec27a7a78ac4ad216d1

Added RBAC for REST APIs.

- admin role required for POST, PUT, DELETE & PATCH
- viewer role required for all other requests
- cleaned up all web.xml files for consistency and correctness

Change-Id: I33bad5cec0fb0f4285eed84173025b0a107b5aec

apps/vtn/vtnweb/src/main/webapp/WEB-INF/web.xml

diff --git a/apps/vtn/vtnweb/src/main/webapp/WEB-INF/web.xml b/apps/vtn/vtnweb/src/main/webapp/WEB-INF/web.xml
index f83ad87..8c368d9 100644
--- a/apps/vtn/vtnweb/src/main/webapp/WEB-INF/web.xml
+++ b/apps/vtn/vtnweb/src/main/webapp/WEB-INF/web.xml
@@ -20,7 +20,6 @@
          id="ONOS" version="2.5">
     <display-name>VTNRSC REST API v1.0</display-name>
 
-    <!-- TODO: this should be uncommented
     <security-constraint>
         <web-resource-collection>
             <web-resource-name>Secured</web-resource-name>
@@ -28,18 +27,19 @@
         </web-resource-collection>
         <auth-constraint>
             <role-name>admin</role-name>
+            <role-name>viewer</role-name>
         </auth-constraint>
     </security-constraint>
 
     <security-role>
         <role-name>admin</role-name>
+        <role-name>viewer</role-name>
     </security-role>
 
     <login-config>
         <auth-method>BASIC</auth-method>
         <realm-name>karaf</realm-name>
     </login-config>
-    -->
 
     <servlet>
         <servlet-name>JAX-RS Service</servlet-name>