OS-3 fixing exploit to upload malicious apps through UI rest APIs Change-Id: Ia5f14b6667d7843a80cccb2794e3de5038eaa0be

commit: b582df38ac8456d65aba868923dd18872f97ddf5 [log] [tgz]
author: Andrea Campanella <andrea@onlab.us> Fri May 05 09:08:11 2017 -0700
committer: Andrea Campanella <andrea@onlab.us> Tue May 09 22:47:14 2017 +0000
tree: dcfab1d120f60ad5268998931b556ba700acacde
parent: 921593c4a350210d7019d4c9fb5a7b46e96e94d4 [diff] [blame]
diff --git a/web/gui/src/main/webapp/WEB-INF/web.xml b/web/gui/src/main/webapp/WEB-INF/web.xml
index 10a18d2..d64f936 100644
--- a/web/gui/src/main/webapp/WEB-INF/web.xml
+++ b/web/gui/src/main/webapp/WEB-INF/web.xml

@@ -32,6 +32,10 @@
             <web-resource-name>Secured</web-resource-name>
             <url-pattern>/index.html</url-pattern>
         </web-resource-collection>
+        <web-resource-collection>
+            <web-resource-name>Secured API</web-resource-name>
+            <url-pattern>/rs/applications/*</url-pattern>
+        </web-resource-collection>
         <auth-constraint>
             <role-name>admin</role-name>
         </auth-constraint>
commit	b582df38ac8456d65aba868923dd18872f97ddf5	[log] [tgz]
author	Andrea Campanella <andrea@onlab.us>	Fri May 05 09:08:11 2017 -0700
committer	Andrea Campanella <andrea@onlab.us>	Tue May 09 22:47:14 2017 +0000
tree	dcfab1d120f60ad5268998931b556ba700acacde
parent	921593c4a350210d7019d4c9fb5a7b46e96e94d4 [diff] [blame]