Restructuring the form of REST API deployment to provide
for security of app's REST APIs and for consistency of
exception mappers and JSON writer.
Change-Id: Id318372bf62f82ed974355c05e7fe64e0fbfc0c5
diff --git a/apps/acl/src/main/webapp/WEB-INF/web.xml b/apps/acl/src/main/webapp/WEB-INF/web.xml
index fc188b7..bd5de2f 100644
--- a/apps/acl/src/main/webapp/WEB-INF/web.xml
+++ b/apps/acl/src/main/webapp/WEB-INF/web.xml
@@ -22,20 +22,35 @@
xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
id="ONOS" version="2.5">
- <display-name>ACL application</display-name>
+ <display-name>ACL application REST API</display-name>
+
+ <security-constraint>
+ <web-resource-collection>
+ <web-resource-name>Secured</web-resource-name>
+ <url-pattern>/*</url-pattern>
+ </web-resource-collection>
+ <auth-constraint>
+ <role-name>admin</role-name>
+ </auth-constraint>
+ </security-constraint>
+
+ <security-role>
+ <role-name>admin</role-name>
+ </security-role>
+
+ <login-config>
+ <auth-method>BASIC</auth-method>
+ <realm-name>karaf</realm-name>
+ </login-config>
<servlet>
<servlet-name>JAX-RS Service</servlet-name>
<servlet-class>com.sun.jersey.spi.container.servlet.ServletContainer</servlet-class>
<init-param>
- <param-name>com.sun.jersey.config.property.resourceConfigClass</param-name>
- <param-value>com.sun.jersey.api.core.ClassNamesResourceConfig</param-value>
+ <param-name>javax.ws.rs.Application</param-name>
+ <param-value>org.onosproject.acl.AclWebApplication</param-value>
</init-param>
- <init-param>
- <param-name>com.sun.jersey.config.property.classnames</param-name>
- <param-value>org.onosproject.acl.AclWebResource</param-value>
- </init-param>
- <load-on-startup>10</load-on-startup>
+ <load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>