Added RBAC for REST APIs.
- admin role required for POST, PUT, DELETE & PATCH
- viewer role required for all other requests
- cleaned up all web.xml files for consistency and correctness
Change-Id: I33bad5cec0fb0f4285eed84173025b0a107b5aec
diff --git a/utils/rest/src/main/java/org/onlab/rest/AbstractWebApplication.java b/utils/rest/src/main/java/org/onlab/rest/AbstractWebApplication.java
index f744929..41839c7 100644
--- a/utils/rest/src/main/java/org/onlab/rest/AbstractWebApplication.java
+++ b/utils/rest/src/main/java/org/onlab/rest/AbstractWebApplication.java
@@ -19,6 +19,7 @@
import com.google.common.collect.ImmutableSet;
import org.onlab.rest.exceptions.BadRequestMapper;
import org.onlab.rest.exceptions.EntityNotFoundMapper;
+import org.onlab.rest.exceptions.ForbiddenMapper;
import org.onlab.rest.exceptions.IllegalArgumentExceptionMapper;
import org.onlab.rest.exceptions.IllegalStateExceptionMapper;
import org.onlab.rest.exceptions.NotFoundMapper;
@@ -43,7 +44,9 @@
*/
protected Set<Class<?>> getClasses(Class<?>... classes) {
ImmutableSet.Builder<Class<?>> builder = ImmutableSet.builder();
- builder.add(ServiceNotFoundMapper.class,
+ builder.add(AuthorizationFilter.class,
+ ForbiddenMapper.class,
+ ServiceNotFoundMapper.class,
EntityNotFoundMapper.class,
NotFoundMapper.class,
ServerErrorMapper.class,
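Review bot: Registering `AuthorizationFilter.class` inside this helper means the admin/viewer check only reaches web applications that build their class set through `getClasses(Class<?>...)`. A subclass that returns its own set from the no-argument `getClasses()` (presumably the JAX-RS override; it is not visible here) would not get the filter, as far as this hunk shows. The Javadoc that closes just above the method should state the new contract, e.g. `Returns the given resource classes plus the standard exception mappers and the AuthorizationFilter that enforces the admin/viewer roles.` A unit test asserting that the returned set contains `AuthorizationFilter.class` and `ForbiddenMapper.class` would stop a later edit of the builder call from silently dropping the access control. The method body continues past the end of the hunk.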