Changing NB API authentication/authorization to use Tomcat Valve. 36/136/2
authorVenkatraghavan Sankarasubbu <vensanka@cisco.com>
Fri, 12 Apr 2013 22:54:17 +0000 (15:54 -0700)
committerVenkatraghavan Sankarasubbu <vensanka@cisco.com>
Fri, 12 Apr 2013 22:54:17 +0000 (15:54 -0700)
Affected modules
1. Flow Programmer
2. Host Tracker
3. Static Roting
4. Statistics
5. Subnets
6. Switch Manager
7. Topology
8. Loadbalancer
Change-Id: I94267ed1878c49b9615e956aa816473361ded8f2
Signed-off-by: Venkatraghavan Sankarasubbu <vensanka@cisco.com>
36 files changed:
opendaylight/commons/opendaylight/pom.xml
opendaylight/northbound/commons/pom.xml
opendaylight/northbound/commons/src/main/java/org/opendaylight/controller/northbound/commons/AuthenticationProviderWrapper.java [deleted file]
opendaylight/northbound/commons/src/main/java/org/opendaylight/controller/northbound/commons/WebSecurityContextRepository.java [deleted file]
opendaylight/northbound/flowprogrammer/pom.xml
opendaylight/northbound/flowprogrammer/src/main/resources/WEB-INF/spring/context.xml [deleted file]
opendaylight/northbound/flowprogrammer/src/main/resources/WEB-INF/spring/servlet/security.xml [deleted file]
opendaylight/northbound/flowprogrammer/src/main/resources/WEB-INF/web.xml
opendaylight/northbound/hosttracker/pom.xml
opendaylight/northbound/hosttracker/src/main/resources/WEB-INF/spring/context.xml [deleted file]
opendaylight/northbound/hosttracker/src/main/resources/WEB-INF/spring/servlet/security.xml [deleted file]
opendaylight/northbound/hosttracker/src/main/resources/WEB-INF/web.xml
opendaylight/northbound/staticrouting/pom.xml
opendaylight/northbound/staticrouting/src/main/resources/WEB-INF/spring/context.xml [deleted file]
opendaylight/northbound/staticrouting/src/main/resources/WEB-INF/spring/servlet/security.xml [deleted file]
opendaylight/northbound/staticrouting/src/main/resources/WEB-INF/web.xml
opendaylight/northbound/statistics/pom.xml
opendaylight/northbound/statistics/src/main/resources/WEB-INF/spring/context.xml [deleted file]
opendaylight/northbound/statistics/src/main/resources/WEB-INF/spring/servlet/security.xml [deleted file]
opendaylight/northbound/statistics/src/main/resources/WEB-INF/web.xml
opendaylight/northbound/subnets/pom.xml
opendaylight/northbound/subnets/src/main/resources/WEB-INF/spring/context.xml [deleted file]
opendaylight/northbound/subnets/src/main/resources/WEB-INF/spring/servlet/security.xml [deleted file]
opendaylight/northbound/subnets/src/main/resources/WEB-INF/web.xml
opendaylight/northbound/switchmanager/pom.xml
opendaylight/northbound/switchmanager/src/main/resources/WEB-INF/spring/context.xml [deleted file]
opendaylight/northbound/switchmanager/src/main/resources/WEB-INF/spring/servlet/security.xml [deleted file]
opendaylight/northbound/switchmanager/src/main/resources/WEB-INF/web.xml
opendaylight/northbound/topology/pom.xml
opendaylight/northbound/topology/src/main/resources/WEB-INF/spring/context.xml [deleted file]
opendaylight/northbound/topology/src/main/resources/WEB-INF/spring/servlet/security.xml [deleted file]
opendaylight/northbound/topology/src/main/resources/WEB-INF/web.xml
opendaylight/samples/northbound/loadbalancer/pom.xml
opendaylight/samples/northbound/loadbalancer/src/main/resources/WEB-INF/spring/context.xml [deleted file]
opendaylight/samples/northbound/loadbalancer/src/main/resources/WEB-INF/spring/servlet/security.xml [deleted file]
opendaylight/samples/northbound/loadbalancer/src/main/resources/WEB-INF/web.xml

index 370526a..f2817ed 100644 (file)
       <artifactId>jersey-json</artifactId>
       <version>${jersey.version}</version>
     </dependency>
-    <dependency>
-      <groupId>com.sun.jersey.contribs</groupId>
-      <artifactId>jersey-spring</artifactId>
-      <version>${jersey.version}</version>
-      <exclusions>
-        <exclusion>
-          <groupId>org.springframework</groupId>
-          <artifactId>spring</artifactId>
-        </exclusion>
-        <exclusion>
-          <groupId>org.springframework</groupId>
-          <artifactId>spring-aop</artifactId>
-        </exclusion>
-        <exclusion>
-          <groupId>org.springframework</groupId>
-          <artifactId>spring-core</artifactId>
-        </exclusion>
-        <exclusion>
-          <groupId>org.springframework</groupId>
-          <artifactId>spring-web</artifactId>
-        </exclusion>
-        <exclusion>
-          <groupId>org.springframework</groupId>
-          <artifactId>spring-beans</artifactId>
-        </exclusion>
-        <exclusion>
-          <groupId>org.springframework</groupId>
-          <artifactId>spring-context</artifactId>
-        </exclusion>
-      </exclusions>
-    </dependency>
   </dependencies>
 </project>
index 61e5304..d52bedf 100644 (file)
               org.opendaylight.controller.sal.utils,
               org.opendaylight.controller.usermanager,
               javax.servlet.http, 
-              org.slf4j, 
-              org.springframework.security.authentication, 
-              org.springframework.security.core, 
-              org.springframework.security.core.context, 
-              org.springframework.security.web.context               
+              org.slf4j,                              
             </Import-Package>
           </instructions>
         </configuration>
       <artifactId>usermanager</artifactId>
       <version>0.4.0-SNAPSHOT</version>
     </dependency>
-       <dependency>
-               <groupId>org.springframework.security</groupId>
-               <artifactId>spring-security-core</artifactId>
-               <version>${spring-security.version}</version>
-               <scope>provided</scope>
-       </dependency>
-       <dependency>
-               <groupId>org.springframework.security</groupId>
-               <artifactId>spring-security-web</artifactId>
-               <version>${spring-security.version}</version>
-               <scope>provided</scope>
-       </dependency>        
   </dependencies>
 </project>
diff --git a/opendaylight/northbound/commons/src/main/java/org/opendaylight/controller/northbound/commons/AuthenticationProviderWrapper.java b/opendaylight/northbound/commons/src/main/java/org/opendaylight/controller/northbound/commons/AuthenticationProviderWrapper.java
deleted file mode 100644 (file)
index 821fb12..0000000
+++ /dev/null
@@ -1,51 +0,0 @@
-/*
- * Copyright (c) 2013 Cisco Systems, Inc. and others.  All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v1.0 which accompanies this distribution,
- * and is available at http://www.eclipse.org/legal/epl-v10.html
- */
-
-package org.opendaylight.controller.northbound.commons;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.security.authentication.AuthenticationProvider;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.AuthenticationException;
-
-import org.opendaylight.controller.sal.utils.ServiceHelper;
-import org.opendaylight.controller.usermanager.IUserManager;
-
-import org.opendaylight.controller.northbound.commons.exception.InternalServerErrorException;
-
-public class AuthenticationProviderWrapper implements AuthenticationProvider {
-
-    private static final Logger logger = LoggerFactory
-            .getLogger(AuthenticationProviderWrapper.class);
-
-    @Override
-    public Authentication authenticate(Authentication authentication)
-            throws AuthenticationException {
-        return ((AuthenticationProvider) getUserManagerRef())
-                .authenticate(authentication);
-    }
-
-    @Override
-    public boolean supports(Class<?> authentication) {
-        return ((AuthenticationProvider) getUserManagerRef())
-                .supports(authentication);
-    }
-
-    private IUserManager getUserManagerRef() {
-        IUserManager userManager = (IUserManager) ServiceHelper
-                .getGlobalInstance(IUserManager.class, this);
-        if (userManager != null) {
-            return userManager;
-        } else {
-            logger.error("UserManager Ref is null. ");
-            throw new InternalServerErrorException("UserManager Ref is null. ");
-        }
-    }
-
-}
diff --git a/opendaylight/northbound/commons/src/main/java/org/opendaylight/controller/northbound/commons/WebSecurityContextRepository.java b/opendaylight/northbound/commons/src/main/java/org/opendaylight/controller/northbound/commons/WebSecurityContextRepository.java
deleted file mode 100644 (file)
index 9f1c4a5..0000000
+++ /dev/null
@@ -1,68 +0,0 @@
-/*
- * Copyright (c) 2013 Cisco Systems, Inc. and others.  All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v1.0 which accompanies this distribution,
- * and is available at http://www.eclipse.org/legal/epl-v10.html
- */
-
-package org.opendaylight.controller.northbound.commons;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.security.core.context.SecurityContext;
-import org.springframework.security.web.context.HttpRequestResponseHolder;
-import org.springframework.security.web.context.SecurityContextRepository;
-
-import org.opendaylight.controller.sal.utils.ServiceHelper;
-import org.opendaylight.controller.usermanager.IUserManager;
-
-import org.opendaylight.controller.northbound.commons.exception.InternalServerErrorException;
-
-public class WebSecurityContextRepository implements SecurityContextRepository {
-
-    private static final Logger logger = LoggerFactory
-            .getLogger(WebSecurityContextRepository.class);
-
-    WebSecurityContextRepository() {
-    }
-
-    @Override
-    public SecurityContext loadContext(
-            HttpRequestResponseHolder requestResponseHolder) {
-
-        SecurityContextRepository contextRepo = (SecurityContextRepository) getUserManagerRef()
-                .getSecurityContextRepo();
-        return contextRepo.loadContext(requestResponseHolder);
-    }
-
-    @Override
-    public void saveContext(SecurityContext context,
-            HttpServletRequest request, HttpServletResponse response) {
-        SecurityContextRepository contextRepo = (SecurityContextRepository) getUserManagerRef()
-                .getSecurityContextRepo();
-        contextRepo.saveContext(context, request, response);
-    }
-
-    private IUserManager getUserManagerRef() {
-        IUserManager userManager = (IUserManager) ServiceHelper
-                .getGlobalInstance(IUserManager.class, this);
-        if (userManager != null) {
-            return userManager;
-        } else {
-            logger.error("UserManager Ref is null. ");
-            throw new InternalServerErrorException("UserManager Ref is null. ");
-        }
-    }
-
-    @Override
-    public boolean containsContext(HttpServletRequest request) {
-        SecurityContextRepository contextRepo = (SecurityContextRepository) getUserManagerRef()
-                .getSecurityContextRepo();
-        return contextRepo.containsContext(request);
-    }
-
-}
index c0f03ed..1bfd4eb 100644 (file)
               org.opendaylight.controller.switchmanager,
               org.opendaylight.controller.northbound.commons,
               org.opendaylight.controller.northbound.commons.exception,
-              com.sun.jersey.spi.spring.container.servlet,
-              org.springframework.web.context,
-              org.springframework.web,
-              org.springframework.web.servlet,
-              org.springframework.web.filter,
-              org.springframework.security.config,
-              org.springframework.security.web.authentication,
-              org.springframework.security.web.authentication.www,
+              com.sun.jersey.spi.container.servlet,                            
               javax.ws.rs,
               javax.ws.rs.core,
               javax.xml.bind.annotation,
diff --git a/opendaylight/northbound/flowprogrammer/src/main/resources/WEB-INF/spring/context.xml b/opendaylight/northbound/flowprogrammer/src/main/resources/WEB-INF/spring/context.xml
deleted file mode 100644 (file)
index 8a4bda5..0000000
+++ /dev/null
@@ -1,10 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<beans xmlns="http://www.springframework.org/schema/beans"
-  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-  xmlns:context="http://www.springframework.org/schema/context"
-  xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
-  http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd">
-
-        <import resource="servlet/security.xml"/>
-
-</beans>
diff --git a/opendaylight/northbound/flowprogrammer/src/main/resources/WEB-INF/spring/servlet/security.xml b/opendaylight/northbound/flowprogrammer/src/main/resources/WEB-INF/spring/servlet/security.xml
deleted file mode 100644 (file)
index bce59ee..0000000
+++ /dev/null
@@ -1,36 +0,0 @@
-<beans:beans xmlns="http://www.springframework.org/schema/security"
-       xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-       xsi:schemaLocation="http://www.springframework.org/schema/beans
-           http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
-           http://www.springframework.org/schema/security
-           http://www.springframework.org/schema/security/spring-security-3.1.xsd">
-
-       <http auto-config="false" authentication-manager-ref="authenticationManager"
-               security-context-repository-ref="securityContextRepo" entry-point-ref="authenticationEntryPoint">
-               <intercept-url pattern="/**"
-                       access="ROLE_SYSTEM-ADMIN, ROLE_NETWORK-ADMIN, ROLE_NETWORK-OPERATOR, ROLE_CONTAINER-USER" />
-               <custom-filter ref="restAuthenticationFilter" position="BASIC_AUTH_FILTER" />
-       </http>
-
-       <authentication-manager id="authenticationManager">
-               <authentication-provider ref="AuthenticationProviderWrapper" />
-       </authentication-manager>
-
-       <beans:bean id="restAuthenticationFilter"
-         class="org.springframework.security.web.authentication.www.BasicAuthenticationFilter">
-         <beans:property name="authenticationManager" ref="authenticationManager"/>
-         <beans:property name="authenticationEntryPoint" ref="authenticationEntryPoint"/>
-       </beans:bean>
-       
-       <beans:bean id="authenticationEntryPoint"
-         class="org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint">
-         <beans:property name="realmName" value="opendaylight"/>
-       </beans:bean>
-
-       <beans:bean id="securityContextRepo"
-               class="org.opendaylight.controller.northbound.commons.WebSecurityContextRepository" />
-
-       <beans:bean id="AuthenticationProviderWrapper"
-               class="org.opendaylight.controller.northbound.commons.AuthenticationProviderWrapper" />
-
-</beans:beans>
index df8cba1..83f7e4b 100644 (file)
@@ -1,12 +1,11 @@
 <?xml version="1.0" encoding="ISO-8859-1"?>
-<web-app xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-  xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
-http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
-  version="2.4">
+<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
+       version="3.0">
   
        <servlet>
          <servlet-name>JAXRSFlowProgrammer</servlet-name>
-         <servlet-class>com.sun.jersey.spi.spring.container.servlet.SpringServlet</servlet-class>
+         <servlet-class>com.sun.jersey.spi.container.servlet.ServletContainer</servlet-class>
          <init-param>
            <param-name>javax.ws.rs.Application</param-name>
            <param-value>org.opendaylight.controller.flowprogrammer.northbound.FlowProgrammerNorthboundRSApplication</param-value>
@@ -18,27 +17,35 @@ http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
          <servlet-name>JAXRSFlowProgrammer</servlet-name>
          <url-pattern>/*</url-pattern>
        </servlet-mapping>
-       
-<!-- Spring Security related -->
-
-       <listener>
-       <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
-       </listener>
-
-       <context-param>
-               <param-name>contextConfigLocation</param-name>
-               <param-value>/WEB-INF/spring/*.xml</param-value>
-       </context-param>
 
-       <filter>
-           <filter-name>springSecurityFilterChain</filter-name>
-           <filter-class>
-               org.springframework.web.filter.DelegatingFilterProxy
-           </filter-class>
-       </filter>
+       <security-constraint>
+               <web-resource-collection>
+                       <web-resource-name>NB api</web-resource-name>
+                       <url-pattern>/*</url-pattern>
+               </web-resource-collection>
+               <auth-constraint>
+                       <role-name>System-Admin</role-name>
+                       <role-name>Network-Admin</role-name>
+                       <role-name>Network-Operator</role-name>
+                       <role-name>Container-User</role-name>
+               </auth-constraint>
+       </security-constraint>
+    
+    <security-role>
+               <role-name>System-Admin</role-name>
+       </security-role>
+       <security-role>
+               <role-name>Network-Admin</role-name>
+       </security-role>
+       <security-role>
+               <role-name>Network-Operator</role-name>
+       </security-role>
+       <security-role>
+               <role-name>Container-User</role-name>
+       </security-role>
        
-       <filter-mapping>
-           <filter-name>springSecurityFilterChain</filter-name>
-           <url-pattern>/*</url-pattern>
-       </filter-mapping>
+       <login-config>
+               <auth-method>BASIC</auth-method>
+               <realm-name>opendaylight</realm-name>
+       </login-config>
 </web-app>
\ No newline at end of file
index 4cb9919..eab9fcb 100644 (file)
               com.sun.jersey.spi.container.servlet,
               org.opendaylight.controller.northbound.commons,
               org.opendaylight.controller.northbound.commons.exception,
-              com.sun.jersey.spi.spring.container.servlet,
-              org.springframework.web.context,
-              org.springframework.web,
-              org.springframework.web.servlet,
-              org.springframework.web.filter,
-              org.springframework.security.config,
-              org.springframework.security.web.authentication,
-              org.springframework.security.web.authentication.www,
               javax.ws.rs,
               javax.ws.rs.core,
               javax.xml.bind.annotation,
diff --git a/opendaylight/northbound/hosttracker/src/main/resources/WEB-INF/spring/context.xml b/opendaylight/northbound/hosttracker/src/main/resources/WEB-INF/spring/context.xml
deleted file mode 100644 (file)
index 8a4bda5..0000000
+++ /dev/null
@@ -1,10 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<beans xmlns="http://www.springframework.org/schema/beans"
-  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-  xmlns:context="http://www.springframework.org/schema/context"
-  xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
-  http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd">
-
-        <import resource="servlet/security.xml"/>
-
-</beans>
diff --git a/opendaylight/northbound/hosttracker/src/main/resources/WEB-INF/spring/servlet/security.xml b/opendaylight/northbound/hosttracker/src/main/resources/WEB-INF/spring/servlet/security.xml
deleted file mode 100644 (file)
index bce59ee..0000000
+++ /dev/null
@@ -1,36 +0,0 @@
-<beans:beans xmlns="http://www.springframework.org/schema/security"
-       xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-       xsi:schemaLocation="http://www.springframework.org/schema/beans
-           http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
-           http://www.springframework.org/schema/security
-           http://www.springframework.org/schema/security/spring-security-3.1.xsd">
-
-       <http auto-config="false" authentication-manager-ref="authenticationManager"
-               security-context-repository-ref="securityContextRepo" entry-point-ref="authenticationEntryPoint">
-               <intercept-url pattern="/**"
-                       access="ROLE_SYSTEM-ADMIN, ROLE_NETWORK-ADMIN, ROLE_NETWORK-OPERATOR, ROLE_CONTAINER-USER" />
-               <custom-filter ref="restAuthenticationFilter" position="BASIC_AUTH_FILTER" />
-       </http>
-
-       <authentication-manager id="authenticationManager">
-               <authentication-provider ref="AuthenticationProviderWrapper" />
-       </authentication-manager>
-
-       <beans:bean id="restAuthenticationFilter"
-         class="org.springframework.security.web.authentication.www.BasicAuthenticationFilter">
-         <beans:property name="authenticationManager" ref="authenticationManager"/>
-         <beans:property name="authenticationEntryPoint" ref="authenticationEntryPoint"/>
-       </beans:bean>
-       
-       <beans:bean id="authenticationEntryPoint"
-         class="org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint">
-         <beans:property name="realmName" value="opendaylight"/>
-       </beans:bean>
-
-       <beans:bean id="securityContextRepo"
-               class="org.opendaylight.controller.northbound.commons.WebSecurityContextRepository" />
-
-       <beans:bean id="AuthenticationProviderWrapper"
-               class="org.opendaylight.controller.northbound.commons.AuthenticationProviderWrapper" />
-
-</beans:beans>
index bfa9fc7..7eb9408 100644 (file)
@@ -1,11 +1,10 @@
 <?xml version="1.0" encoding="ISO-8859-1"?>
-<web-app xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-  xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
-http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
-  version="2.4">
+<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
+       version="3.0">
   <servlet>
     <servlet-name>JAXRSHostTracker</servlet-name>
-    <servlet-class>com.sun.jersey.spi.spring.container.servlet.SpringServlet</servlet-class>
+    <servlet-class>com.sun.jersey.spi.container.servlet.ServletContainer</servlet-class>
     <init-param>
       <param-name>javax.ws.rs.Application</param-name>
       <param-value>org.opendaylight.controller.hosttracker.northbound.HostTrackerNorthboundRSApplication</param-value>
@@ -18,26 +17,34 @@ http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
     <url-pattern>/*</url-pattern>
   </servlet-mapping>
 
-<!-- Spring Security related -->
+       <security-constraint>
+               <web-resource-collection>
+                       <web-resource-name>NB api</web-resource-name>
+                       <url-pattern>/*</url-pattern>
+               </web-resource-collection>
+               <auth-constraint>
+                       <role-name>System-Admin</role-name>
+                       <role-name>Network-Admin</role-name>
+                       <role-name>Network-Operator</role-name>
+                       <role-name>Container-User</role-name>
+               </auth-constraint>
+       </security-constraint>
 
-       <listener>
-       <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
-       </listener>
+       <security-role>
+               <role-name>System-Admin</role-name>
+       </security-role>
+       <security-role>
+               <role-name>Network-Admin</role-name>
+       </security-role>
+       <security-role>
+               <role-name>Network-Operator</role-name>
+       </security-role>
+       <security-role>
+               <role-name>Container-User</role-name>
+       </security-role>
 
-       <context-param>
-               <param-name>contextConfigLocation</param-name>
-               <param-value>/WEB-INF/spring/*.xml</param-value>
-       </context-param>
-
-       <filter>
-           <filter-name>springSecurityFilterChain</filter-name>
-           <filter-class>
-               org.springframework.web.filter.DelegatingFilterProxy
-           </filter-class>
-       </filter>
-       
-       <filter-mapping>
-           <filter-name>springSecurityFilterChain</filter-name>
-           <url-pattern>/*</url-pattern>
-       </filter-mapping>
+       <login-config>
+               <auth-method>BASIC</auth-method>
+               <realm-name>opendaylight</realm-name>
+       </login-config>
 </web-app>
\ No newline at end of file
index c35c5e6..eeaf550 100644 (file)
               com.sun.jersey.spi.container.servlet,
               org.opendaylight.controller.northbound.commons,
               org.opendaylight.controller.northbound.commons.exception,
-              com.sun.jersey.spi.spring.container.servlet,
-              org.springframework.web.context,
-              org.springframework.web,
-              org.springframework.web.servlet,
-              org.springframework.web.filter,
-              org.springframework.security.config,
-              org.springframework.security.web.authentication,
-              org.springframework.security.web.authentication.www,
               org.slf4j,              
               javax.ws.rs,
               javax.ws.rs.core,
diff --git a/opendaylight/northbound/staticrouting/src/main/resources/WEB-INF/spring/context.xml b/opendaylight/northbound/staticrouting/src/main/resources/WEB-INF/spring/context.xml
deleted file mode 100644 (file)
index 8a4bda5..0000000
+++ /dev/null
@@ -1,10 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<beans xmlns="http://www.springframework.org/schema/beans"
-  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-  xmlns:context="http://www.springframework.org/schema/context"
-  xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
-  http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd">
-
-        <import resource="servlet/security.xml"/>
-
-</beans>
diff --git a/opendaylight/northbound/staticrouting/src/main/resources/WEB-INF/spring/servlet/security.xml b/opendaylight/northbound/staticrouting/src/main/resources/WEB-INF/spring/servlet/security.xml
deleted file mode 100644 (file)
index bce59ee..0000000
+++ /dev/null
@@ -1,36 +0,0 @@
-<beans:beans xmlns="http://www.springframework.org/schema/security"
-       xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-       xsi:schemaLocation="http://www.springframework.org/schema/beans
-           http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
-           http://www.springframework.org/schema/security
-           http://www.springframework.org/schema/security/spring-security-3.1.xsd">
-
-       <http auto-config="false" authentication-manager-ref="authenticationManager"
-               security-context-repository-ref="securityContextRepo" entry-point-ref="authenticationEntryPoint">
-               <intercept-url pattern="/**"
-                       access="ROLE_SYSTEM-ADMIN, ROLE_NETWORK-ADMIN, ROLE_NETWORK-OPERATOR, ROLE_CONTAINER-USER" />
-               <custom-filter ref="restAuthenticationFilter" position="BASIC_AUTH_FILTER" />
-       </http>
-
-       <authentication-manager id="authenticationManager">
-               <authentication-provider ref="AuthenticationProviderWrapper" />
-       </authentication-manager>
-
-       <beans:bean id="restAuthenticationFilter"
-         class="org.springframework.security.web.authentication.www.BasicAuthenticationFilter">
-         <beans:property name="authenticationManager" ref="authenticationManager"/>
-         <beans:property name="authenticationEntryPoint" ref="authenticationEntryPoint"/>
-       </beans:bean>
-       
-       <beans:bean id="authenticationEntryPoint"
-         class="org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint">
-         <beans:property name="realmName" value="opendaylight"/>
-       </beans:bean>
-
-       <beans:bean id="securityContextRepo"
-               class="org.opendaylight.controller.northbound.commons.WebSecurityContextRepository" />
-
-       <beans:bean id="AuthenticationProviderWrapper"
-               class="org.opendaylight.controller.northbound.commons.AuthenticationProviderWrapper" />
-
-</beans:beans>
index da8937e..37901a6 100644 (file)
@@ -1,11 +1,10 @@
 <?xml version="1.0" encoding="ISO-8859-1"?>
-<web-app xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-  xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
-http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
-  version="2.4">
+<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
+       version="3.0">
   <servlet>
     <servlet-name>JAXRSStaticRouting</servlet-name>
-    <servlet-class>com.sun.jersey.spi.spring.container.servlet.SpringServlet</servlet-class>
+    <servlet-class>com.sun.jersey.spi.container.servlet.ServletContainer</servlet-class>
     <init-param>
       <param-name>javax.ws.rs.Application</param-name>
       <param-value>org.opendaylight.controller.forwarding.staticrouting.northbound.StaticRoutingNorthboundRSApplication</param-value>
@@ -13,30 +12,39 @@ http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
     <load-on-startup>1</load-on-startup>
   </servlet>
 
-  <servlet-mapping>
-    <servlet-name>JAXRSStaticRouting</servlet-name>
-    <url-pattern>/*</url-pattern>
-  </servlet-mapping>
-<!-- Spring Security related -->
+       <servlet-mapping>
+               <servlet-name>JAXRSStaticRouting</servlet-name>
+               <url-pattern>/*</url-pattern>
+       </servlet-mapping>
 
-       <listener>
-       <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
-       </listener>
+       <security-constraint>
+               <web-resource-collection>
+                       <web-resource-name>NB api</web-resource-name>
+                       <url-pattern>/*</url-pattern>
+               </web-resource-collection>
+               <auth-constraint>
+                       <role-name>System-Admin</role-name>
+                       <role-name>Network-Admin</role-name>
+                       <role-name>Network-Operator</role-name>
+                       <role-name>Container-User</role-name>
+               </auth-constraint>
+       </security-constraint>
 
-       <context-param>
-               <param-name>contextConfigLocation</param-name>
-               <param-value>/WEB-INF/spring/*.xml</param-value>
-       </context-param>
+       <security-role>
+               <role-name>System-Admin</role-name>
+       </security-role>
+       <security-role>
+               <role-name>Network-Admin</role-name>
+       </security-role>
+       <security-role>
+               <role-name>Network-Operator</role-name>
+       </security-role>
+       <security-role>
+               <role-name>Container-User</role-name>
+       </security-role>
 
-       <filter>
-           <filter-name>springSecurityFilterChain</filter-name>
-           <filter-class>
-               org.springframework.web.filter.DelegatingFilterProxy
-           </filter-class>
-       </filter>
-       
-       <filter-mapping>
-           <filter-name>springSecurityFilterChain</filter-name>
-           <url-pattern>/*</url-pattern>
-       </filter-mapping>
+       <login-config>
+               <auth-method>BASIC</auth-method>
+               <realm-name>opendaylight</realm-name>
+       </login-config>  
 </web-app>
\ No newline at end of file
index b3fe26f..e10a5b1 100644 (file)
               com.sun.jersey.spi.container.servlet,
               org.opendaylight.controller.northbound.commons,
               org.opendaylight.controller.northbound.commons.exception,
-              com.sun.jersey.spi.spring.container.servlet,
-              org.springframework.web.context,
-              org.springframework.web,
-              org.springframework.web.servlet,
-              org.springframework.web.filter,
-              org.springframework.security.config,
-              org.springframework.security.web.authentication,
-              org.springframework.security.web.authentication.www,
               javax.ws.rs,
               javax.ws.rs.core,
               javax.xml.bind.annotation,
          <artifactId>commons.northbound</artifactId>
          <version>0.4.0-SNAPSHOT</version>
        </dependency>
-        
-       <dependency>
-               <groupId>org.springframework</groupId>
-               <artifactId>spring-web</artifactId>
-               <version>${spring.version}</version>
-               <scope>provided</scope>
-       </dependency>
-
-       <dependency>
-               <groupId>org.springframework.security</groupId>
-               <artifactId>spring-security-config</artifactId>
-               <version>${spring-security.version}</version>
-               <scope>provided</scope>
-       </dependency>
-       
-       <dependency>
-               <groupId>org.springframework.security</groupId>
-               <artifactId>spring-security-web</artifactId>
-               <version>${spring-security.version}</version>
-               <scope>provided</scope>
-       </dependency>
-        
+    
     <dependency>
       <groupId>org.codehaus.enunciate</groupId>
       <artifactId>enunciate-core-annotations</artifactId>
diff --git a/opendaylight/northbound/statistics/src/main/resources/WEB-INF/spring/context.xml b/opendaylight/northbound/statistics/src/main/resources/WEB-INF/spring/context.xml
deleted file mode 100644 (file)
index 8a4bda5..0000000
+++ /dev/null
@@ -1,10 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<beans xmlns="http://www.springframework.org/schema/beans"
-  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-  xmlns:context="http://www.springframework.org/schema/context"
-  xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
-  http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd">
-
-        <import resource="servlet/security.xml"/>
-
-</beans>
diff --git a/opendaylight/northbound/statistics/src/main/resources/WEB-INF/spring/servlet/security.xml b/opendaylight/northbound/statistics/src/main/resources/WEB-INF/spring/servlet/security.xml
deleted file mode 100644 (file)
index 768aafb..0000000
+++ /dev/null
@@ -1,36 +0,0 @@
-<beans:beans xmlns="http://www.springframework.org/schema/security"
-       xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-       xsi:schemaLocation="http://www.springframework.org/schema/beans
-           http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
-           http://www.springframework.org/schema/security
-           http://www.springframework.org/schema/security/spring-security-3.1.xsd">
-
-       <http auto-config="false" authentication-manager-ref="authenticationManager"
-               security-context-repository-ref="securityContextRepo" entry-point-ref="authenticationEntryPoint">
-               <intercept-url pattern="/**"
-                       access="ROLE_SYSTEM-ADMIN, ROLE_NETWORK-ADMIN,ROLE_NETWORK-OPERATOR, ROLE_CONTAINER-USER" />
-               <custom-filter ref="restAuthenticationFilter" position="BASIC_AUTH_FILTER" />
-       </http>
-
-       <authentication-manager id="authenticationManager">
-               <authentication-provider ref="AuthenticationProviderWrapper" />
-       </authentication-manager>
-
-       <beans:bean id="restAuthenticationFilter"
-         class="org.springframework.security.web.authentication.www.BasicAuthenticationFilter">
-         <beans:property name="authenticationManager" ref="authenticationManager"/>
-         <beans:property name="authenticationEntryPoint" ref="authenticationEntryPoint"/>
-       </beans:bean>
-       
-       <beans:bean id="authenticationEntryPoint"
-         class="org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint">
-         <beans:property name="realmName" value="opendaylight"/>
-       </beans:bean>
-
-       <beans:bean id="securityContextRepo"
-               class="org.opendaylight.controller.northbound.commons.WebSecurityContextRepository" />
-
-       <beans:bean id="AuthenticationProviderWrapper"
-               class="org.opendaylight.controller.northbound.commons.AuthenticationProviderWrapper" />
-
-</beans:beans>
index 2b9f75f..24242d3 100644 (file)
@@ -1,11 +1,10 @@
 <?xml version="1.0" encoding="ISO-8859-1"?>
-<web-app xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-  xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
-http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
-  version="2.4">
+<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
+       version="3.0">
   <servlet>
     <servlet-name>JAXRSStatistics</servlet-name>
-    <servlet-class>com.sun.jersey.spi.spring.container.servlet.SpringServlet</servlet-class>
+    <servlet-class>com.sun.jersey.spi.container.servlet.ServletContainer</servlet-class>
     <init-param>
       <param-name>javax.ws.rs.Application</param-name>
       <param-value>org.opendaylight.controller.statistics.northbound.StatisticsNorthboundRSApplication</param-value>
@@ -18,26 +17,34 @@ http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
     <url-pattern>/*</url-pattern>
   </servlet-mapping>
 
-<!-- Spring Security related -->
+       <security-constraint>
+               <web-resource-collection>
+                       <web-resource-name>NB api</web-resource-name>
+                       <url-pattern>/*</url-pattern>
+               </web-resource-collection>
+               <auth-constraint>
+                       <role-name>System-Admin</role-name>
+                       <role-name>Network-Admin</role-name>
+                       <role-name>Network-Operator</role-name>
+                       <role-name>Container-User</role-name>
+               </auth-constraint>
+       </security-constraint>
 
-       <listener>
-       <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
-       </listener>
+       <security-role>
+               <role-name>System-Admin</role-name>
+       </security-role>
+       <security-role>
+               <role-name>Network-Admin</role-name>
+       </security-role>
+       <security-role>
+               <role-name>Network-Operator</role-name>
+       </security-role>
+       <security-role>
+               <role-name>Container-User</role-name>
+       </security-role>
 
-       <context-param>
-               <param-name>contextConfigLocation</param-name>
-               <param-value>/WEB-INF/spring/*.xml</param-value>
-       </context-param>
-
-       <filter>
-           <filter-name>springSecurityFilterChain</filter-name>
-           <filter-class>
-               org.springframework.web.filter.DelegatingFilterProxy
-           </filter-class>
-       </filter>
-       
-       <filter-mapping>
-           <filter-name>springSecurityFilterChain</filter-name>
-           <url-pattern>/*</url-pattern>
-       </filter-mapping>
+       <login-config>
+               <auth-method>BASIC</auth-method>
+               <realm-name>opendaylight</realm-name>
+       </login-config>
 </web-app>
\ No newline at end of file
index aa18909..cfba4ff 100644 (file)
               javax.ws.rs.core,
               javax.xml.bind.annotation,
               org.slf4j,
-              com.sun.jersey.spi.spring.container.servlet,
-              org.springframework.web.context,
-              org.springframework.web,
-              org.springframework.web.servlet,
-              org.springframework.web.filter,
-              org.springframework.security.config,
-              org.springframework.security.web.authentication,
-              org.springframework.security.web.authentication.www,
               !org.codehaus.enunciate.jaxrs
             </Import-Package>
             <Export-Package>
diff --git a/opendaylight/northbound/subnets/src/main/resources/WEB-INF/spring/context.xml b/opendaylight/northbound/subnets/src/main/resources/WEB-INF/spring/context.xml
deleted file mode 100644 (file)
index 8a4bda5..0000000
+++ /dev/null
@@ -1,10 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<beans xmlns="http://www.springframework.org/schema/beans"
-  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-  xmlns:context="http://www.springframework.org/schema/context"
-  xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
-  http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd">
-
-        <import resource="servlet/security.xml"/>
-
-</beans>
diff --git a/opendaylight/northbound/subnets/src/main/resources/WEB-INF/spring/servlet/security.xml b/opendaylight/northbound/subnets/src/main/resources/WEB-INF/spring/servlet/security.xml
deleted file mode 100644 (file)
index 768aafb..0000000
+++ /dev/null
@@ -1,36 +0,0 @@
-<beans:beans xmlns="http://www.springframework.org/schema/security"
-       xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-       xsi:schemaLocation="http://www.springframework.org/schema/beans
-           http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
-           http://www.springframework.org/schema/security
-           http://www.springframework.org/schema/security/spring-security-3.1.xsd">
-
-       <http auto-config="false" authentication-manager-ref="authenticationManager"
-               security-context-repository-ref="securityContextRepo" entry-point-ref="authenticationEntryPoint">
-               <intercept-url pattern="/**"
-                       access="ROLE_SYSTEM-ADMIN, ROLE_NETWORK-ADMIN,ROLE_NETWORK-OPERATOR, ROLE_CONTAINER-USER" />
-               <custom-filter ref="restAuthenticationFilter" position="BASIC_AUTH_FILTER" />
-       </http>
-
-       <authentication-manager id="authenticationManager">
-               <authentication-provider ref="AuthenticationProviderWrapper" />
-       </authentication-manager>
-
-       <beans:bean id="restAuthenticationFilter"
-         class="org.springframework.security.web.authentication.www.BasicAuthenticationFilter">
-         <beans:property name="authenticationManager" ref="authenticationManager"/>
-         <beans:property name="authenticationEntryPoint" ref="authenticationEntryPoint"/>
-       </beans:bean>
-       
-       <beans:bean id="authenticationEntryPoint"
-         class="org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint">
-         <beans:property name="realmName" value="opendaylight"/>
-       </beans:bean>
-
-       <beans:bean id="securityContextRepo"
-               class="org.opendaylight.controller.northbound.commons.WebSecurityContextRepository" />
-
-       <beans:bean id="AuthenticationProviderWrapper"
-               class="org.opendaylight.controller.northbound.commons.AuthenticationProviderWrapper" />
-
-</beans:beans>
index b0fc9ee..1c201d3 100644 (file)
@@ -1,11 +1,10 @@
 <?xml version="1.0" encoding="ISO-8859-1"?>
-<web-app xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-  xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
-http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
-  version="2.4">
+<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
+       version="3.0">  
   <servlet>
     <servlet-name>JAXRSSubnets</servlet-name>
-    <servlet-class>com.sun.jersey.spi.spring.container.servlet.SpringServlet</servlet-class>
+    <servlet-class>com.sun.jersey.spi.container.servlet.ServletContainer</servlet-class>
     <init-param>
       <param-name>javax.ws.rs.Application</param-name>
       <param-value>org.opendaylight.controller.subnets.northbound.SubnetsNorthboundRSApplication</param-value>
@@ -17,26 +16,34 @@ http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
     <servlet-name>JAXRSSubnets</servlet-name>
     <url-pattern>/*</url-pattern>
   </servlet-mapping>
-<!-- Spring Security related -->
+       <security-constraint>
+               <web-resource-collection>
+                       <web-resource-name>NB api</web-resource-name>
+                       <url-pattern>/*</url-pattern>
+               </web-resource-collection>
+               <auth-constraint>
+                       <role-name>System-Admin</role-name>
+                       <role-name>Network-Admin</role-name>
+                       <role-name>Network-Operator</role-name>
+                       <role-name>Container-User</role-name>
+               </auth-constraint>
+       </security-constraint>
 
-       <listener>
-       <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
-       </listener>
+       <security-role>
+               <role-name>System-Admin</role-name>
+       </security-role>
+       <security-role>
+               <role-name>Network-Admin</role-name>
+       </security-role>
+       <security-role>
+               <role-name>Network-Operator</role-name>
+       </security-role>
+       <security-role>
+               <role-name>Container-User</role-name>
+       </security-role>
 
-       <context-param>
-               <param-name>contextConfigLocation</param-name>
-               <param-value>/WEB-INF/spring/*.xml</param-value>
-       </context-param>
-
-       <filter>
-           <filter-name>springSecurityFilterChain</filter-name>
-           <filter-class>
-               org.springframework.web.filter.DelegatingFilterProxy
-           </filter-class>
-       </filter>
-       
-       <filter-mapping>
-           <filter-name>springSecurityFilterChain</filter-name>
-           <url-pattern>/*</url-pattern>
-       </filter-mapping>
+       <login-config>
+               <auth-method>BASIC</auth-method>
+               <realm-name>opendaylight</realm-name>
+       </login-config>
 </web-app>
index 4a8504b..e4c73ac 100644 (file)
               com.sun.jersey.spi.container.servlet,
               org.opendaylight.controller.northbound.commons,
               org.opendaylight.controller.northbound.commons.exception,
-              com.sun.jersey.spi.spring.container.servlet,
-              org.springframework.web.context,
-              org.springframework.web,
-              org.springframework.web.servlet,
-              org.springframework.web.filter,
-              org.springframework.security.config,
-              org.springframework.security.web.authentication,
-              org.springframework.security.web.authentication.www,
               javax.ws.rs,
               javax.ws.rs.core,
               javax.xml.bind.annotation,
                <version>${spring.version}</version>
                <scope>provided</scope>
        </dependency>
-
-       <dependency>
-               <groupId>org.springframework.security</groupId>
-               <artifactId>spring-security-config</artifactId>
-               <version>${spring-security.version}</version>
-               <scope>provided</scope>
-       </dependency>
-       
-       <dependency>
-               <groupId>org.springframework.security</groupId>
-               <artifactId>spring-security-web</artifactId>
-               <version>${spring-security.version}</version>
-               <scope>provided</scope>
-       </dependency>
-        
+               
     <dependency>
       <groupId>org.codehaus.enunciate</groupId>
       <artifactId>enunciate-core-annotations</artifactId>
diff --git a/opendaylight/northbound/switchmanager/src/main/resources/WEB-INF/spring/context.xml b/opendaylight/northbound/switchmanager/src/main/resources/WEB-INF/spring/context.xml
deleted file mode 100644 (file)
index 8a4bda5..0000000
+++ /dev/null
@@ -1,10 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<beans xmlns="http://www.springframework.org/schema/beans"
-  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-  xmlns:context="http://www.springframework.org/schema/context"
-  xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
-  http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd">
-
-        <import resource="servlet/security.xml"/>
-
-</beans>
diff --git a/opendaylight/northbound/switchmanager/src/main/resources/WEB-INF/spring/servlet/security.xml b/opendaylight/northbound/switchmanager/src/main/resources/WEB-INF/spring/servlet/security.xml
deleted file mode 100644 (file)
index 768aafb..0000000
+++ /dev/null
@@ -1,36 +0,0 @@
-<beans:beans xmlns="http://www.springframework.org/schema/security"
-       xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-       xsi:schemaLocation="http://www.springframework.org/schema/beans
-           http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
-           http://www.springframework.org/schema/security
-           http://www.springframework.org/schema/security/spring-security-3.1.xsd">
-
-       <http auto-config="false" authentication-manager-ref="authenticationManager"
-               security-context-repository-ref="securityContextRepo" entry-point-ref="authenticationEntryPoint">
-               <intercept-url pattern="/**"
-                       access="ROLE_SYSTEM-ADMIN, ROLE_NETWORK-ADMIN,ROLE_NETWORK-OPERATOR, ROLE_CONTAINER-USER" />
-               <custom-filter ref="restAuthenticationFilter" position="BASIC_AUTH_FILTER" />
-       </http>
-
-       <authentication-manager id="authenticationManager">
-               <authentication-provider ref="AuthenticationProviderWrapper" />
-       </authentication-manager>
-
-       <beans:bean id="restAuthenticationFilter"
-         class="org.springframework.security.web.authentication.www.BasicAuthenticationFilter">
-         <beans:property name="authenticationManager" ref="authenticationManager"/>
-         <beans:property name="authenticationEntryPoint" ref="authenticationEntryPoint"/>
-       </beans:bean>
-       
-       <beans:bean id="authenticationEntryPoint"
-         class="org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint">
-         <beans:property name="realmName" value="opendaylight"/>
-       </beans:bean>
-
-       <beans:bean id="securityContextRepo"
-               class="org.opendaylight.controller.northbound.commons.WebSecurityContextRepository" />
-
-       <beans:bean id="AuthenticationProviderWrapper"
-               class="org.opendaylight.controller.northbound.commons.AuthenticationProviderWrapper" />
-
-</beans:beans>
index 697a7e3..a16cdfa 100644 (file)
@@ -1,11 +1,10 @@
 <?xml version="1.0" encoding="ISO-8859-1"?>
-<web-app xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-  xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
-http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
-  version="2.4">
+<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
+       version="3.0">
   <servlet>
     <servlet-name>JAXRSSwitchManager</servlet-name>
-    <servlet-class>com.sun.jersey.spi.spring.container.servlet.SpringServlet</servlet-class>
+    <servlet-class>com.sun.jersey.spi.container.servlet.ServletContainer</servlet-class>
     <init-param>
       <param-name>javax.ws.rs.Application</param-name>
       <param-value>org.opendaylight.controller.switchmanager.northbound.SwitchNorthboundRSApplication</param-value>
@@ -18,26 +17,34 @@ http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
     <url-pattern>/*</url-pattern>
   </servlet-mapping>
 
-<!-- Spring Security related -->
+       <security-constraint>
+               <web-resource-collection>
+                       <web-resource-name>NB api</web-resource-name>
+                       <url-pattern>/*</url-pattern>
+               </web-resource-collection>
+               <auth-constraint>
+                       <role-name>System-Admin</role-name>
+                       <role-name>Network-Admin</role-name>
+                       <role-name>Network-Operator</role-name>
+                       <role-name>Container-User</role-name>
+               </auth-constraint>
+       </security-constraint>
 
-       <listener>
-       <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
-       </listener>
+       <security-role>
+               <role-name>System-Admin</role-name>
+       </security-role>
+       <security-role>
+               <role-name>Network-Admin</role-name>
+       </security-role>
+       <security-role>
+               <role-name>Network-Operator</role-name>
+       </security-role>
+       <security-role>
+               <role-name>Container-User</role-name>
+       </security-role>
 
-       <context-param>
-               <param-name>contextConfigLocation</param-name>
-               <param-value>/WEB-INF/spring/*.xml</param-value>
-       </context-param>
-
-       <filter>
-           <filter-name>springSecurityFilterChain</filter-name>
-           <filter-class>
-               org.springframework.web.filter.DelegatingFilterProxy
-           </filter-class>
-       </filter>
-       
-       <filter-mapping>
-           <filter-name>springSecurityFilterChain</filter-name>
-           <url-pattern>/*</url-pattern>
-       </filter-mapping>
+       <login-config>
+               <auth-method>BASIC</auth-method>
+               <realm-name>opendaylight</realm-name>
+       </login-config>
 </web-app>
\ No newline at end of file
index 803fe40..c31b478 100644 (file)
               javax.xml.bind,
               javax.xml.bind.annotation,
               org.slf4j,
-              com.sun.jersey.spi.spring.container.servlet,
-              org.springframework.web.context,
-              org.springframework.web,
-              org.springframework.web.servlet,
-              org.springframework.web.filter,
-              org.springframework.security.config,
-              org.springframework.security.web.authentication,
-              org.springframework.security.web.authentication.www,
               !org.codehaus.enunciate.jaxrs
             </Import-Package>
             <Web-ContextPath>/controller/nb/v2/topology</Web-ContextPath>
diff --git a/opendaylight/northbound/topology/src/main/resources/WEB-INF/spring/context.xml b/opendaylight/northbound/topology/src/main/resources/WEB-INF/spring/context.xml
deleted file mode 100644 (file)
index 8a4bda5..0000000
+++ /dev/null
@@ -1,10 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<beans xmlns="http://www.springframework.org/schema/beans"
-  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-  xmlns:context="http://www.springframework.org/schema/context"
-  xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
-  http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd">
-
-        <import resource="servlet/security.xml"/>
-
-</beans>
diff --git a/opendaylight/northbound/topology/src/main/resources/WEB-INF/spring/servlet/security.xml b/opendaylight/northbound/topology/src/main/resources/WEB-INF/spring/servlet/security.xml
deleted file mode 100644 (file)
index 768aafb..0000000
+++ /dev/null
@@ -1,36 +0,0 @@
-<beans:beans xmlns="http://www.springframework.org/schema/security"
-       xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-       xsi:schemaLocation="http://www.springframework.org/schema/beans
-           http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
-           http://www.springframework.org/schema/security
-           http://www.springframework.org/schema/security/spring-security-3.1.xsd">
-
-       <http auto-config="false" authentication-manager-ref="authenticationManager"
-               security-context-repository-ref="securityContextRepo" entry-point-ref="authenticationEntryPoint">
-               <intercept-url pattern="/**"
-                       access="ROLE_SYSTEM-ADMIN, ROLE_NETWORK-ADMIN,ROLE_NETWORK-OPERATOR, ROLE_CONTAINER-USER" />
-               <custom-filter ref="restAuthenticationFilter" position="BASIC_AUTH_FILTER" />
-       </http>
-
-       <authentication-manager id="authenticationManager">
-               <authentication-provider ref="AuthenticationProviderWrapper" />
-       </authentication-manager>
-
-       <beans:bean id="restAuthenticationFilter"
-         class="org.springframework.security.web.authentication.www.BasicAuthenticationFilter">
-         <beans:property name="authenticationManager" ref="authenticationManager"/>
-         <beans:property name="authenticationEntryPoint" ref="authenticationEntryPoint"/>
-       </beans:bean>
-       
-       <beans:bean id="authenticationEntryPoint"
-         class="org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint">
-         <beans:property name="realmName" value="opendaylight"/>
-       </beans:bean>
-
-       <beans:bean id="securityContextRepo"
-               class="org.opendaylight.controller.northbound.commons.WebSecurityContextRepository" />
-
-       <beans:bean id="AuthenticationProviderWrapper"
-               class="org.opendaylight.controller.northbound.commons.AuthenticationProviderWrapper" />
-
-</beans:beans>
index 9d21599..e40c5fb 100644 (file)
@@ -1,11 +1,10 @@
 <?xml version="1.0" encoding="ISO-8859-1"?>
-<web-app xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-  xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
-http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
-  version="2.4">
+<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
+       version="3.0">
   <servlet>
     <servlet-name>JAXRSTopology</servlet-name>
-    <servlet-class>com.sun.jersey.spi.spring.container.servlet.SpringServlet</servlet-class>
+    <servlet-class>com.sun.jersey.spi.container.servlet.ServletContainer</servlet-class>
     <init-param>
       <param-name>javax.ws.rs.Application</param-name>
       <param-value>org.opendaylight.controller.topology.northbound.TopologyNorthboundRSApplication</param-value>
@@ -17,26 +16,35 @@ http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
     <servlet-name>JAXRSTopology</servlet-name>
     <url-pattern>/*</url-pattern>
   </servlet-mapping>
-<!-- Spring Security related -->
 
-       <listener>
-       <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
-       </listener>
+       <security-constraint>
+               <web-resource-collection>
+                       <web-resource-name>NB api</web-resource-name>
+                       <url-pattern>/*</url-pattern>
+               </web-resource-collection>
+               <auth-constraint>
+                       <role-name>System-Admin</role-name>
+                       <role-name>Network-Admin</role-name>
+                       <role-name>Network-Operator</role-name>
+                       <role-name>Container-User</role-name>
+               </auth-constraint>
+       </security-constraint>
 
-       <context-param>
-               <param-name>contextConfigLocation</param-name>
-               <param-value>/WEB-INF/spring/*.xml</param-value>
-       </context-param>
+       <security-role>
+               <role-name>System-Admin</role-name>
+       </security-role>
+       <security-role>
+               <role-name>Network-Admin</role-name>
+       </security-role>
+       <security-role>
+               <role-name>Network-Operator</role-name>
+       </security-role>
+       <security-role>
+               <role-name>Container-User</role-name>
+       </security-role>
 
-       <filter>
-           <filter-name>springSecurityFilterChain</filter-name>
-           <filter-class>
-               org.springframework.web.filter.DelegatingFilterProxy
-           </filter-class>
-       </filter>
-       
-       <filter-mapping>
-           <filter-name>springSecurityFilterChain</filter-name>
-           <url-pattern>/*</url-pattern>
-       </filter-mapping>
+       <login-config>
+               <auth-method>BASIC</auth-method>
+               <realm-name>opendaylight</realm-name>
+       </login-config>
 </web-app>
index 2b9b1c4..cabcf8d 100644 (file)
                                com.sun.jersey.spi.container.servlet,
                                org.opendaylight.controller.northbound.commons,
                                org.opendaylight.controller.northbound.commons.exception,
-                               com.sun.jersey.spi.spring.container.servlet,
-                               org.springframework.web.context,
-                               org.springframework.web,
-                               org.springframework.web.servlet,
-                               org.springframework.web.filter,
-                               org.springframework.security.config,
-                               org.springframework.security.web.authentication,
-                               org.springframework.security.web.authentication.www,
                                javax.ws.rs,
                                javax.ws.rs.core,
                                javax.xml.bind.annotation,
diff --git a/opendaylight/samples/northbound/loadbalancer/src/main/resources/WEB-INF/spring/context.xml b/opendaylight/samples/northbound/loadbalancer/src/main/resources/WEB-INF/spring/context.xml
deleted file mode 100644 (file)
index 8a4bda5..0000000
+++ /dev/null
@@ -1,10 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<beans xmlns="http://www.springframework.org/schema/beans"
-  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-  xmlns:context="http://www.springframework.org/schema/context"
-  xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
-  http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd">
-
-        <import resource="servlet/security.xml"/>
-
-</beans>
diff --git a/opendaylight/samples/northbound/loadbalancer/src/main/resources/WEB-INF/spring/servlet/security.xml b/opendaylight/samples/northbound/loadbalancer/src/main/resources/WEB-INF/spring/servlet/security.xml
deleted file mode 100644 (file)
index bce59ee..0000000
+++ /dev/null
@@ -1,36 +0,0 @@
-<beans:beans xmlns="http://www.springframework.org/schema/security"
-       xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-       xsi:schemaLocation="http://www.springframework.org/schema/beans
-           http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
-           http://www.springframework.org/schema/security
-           http://www.springframework.org/schema/security/spring-security-3.1.xsd">
-
-       <http auto-config="false" authentication-manager-ref="authenticationManager"
-               security-context-repository-ref="securityContextRepo" entry-point-ref="authenticationEntryPoint">
-               <intercept-url pattern="/**"
-                       access="ROLE_SYSTEM-ADMIN, ROLE_NETWORK-ADMIN, ROLE_NETWORK-OPERATOR, ROLE_CONTAINER-USER" />
-               <custom-filter ref="restAuthenticationFilter" position="BASIC_AUTH_FILTER" />
-       </http>
-
-       <authentication-manager id="authenticationManager">
-               <authentication-provider ref="AuthenticationProviderWrapper" />
-       </authentication-manager>
-
-       <beans:bean id="restAuthenticationFilter"
-         class="org.springframework.security.web.authentication.www.BasicAuthenticationFilter">
-         <beans:property name="authenticationManager" ref="authenticationManager"/>
-         <beans:property name="authenticationEntryPoint" ref="authenticationEntryPoint"/>
-       </beans:bean>
-       
-       <beans:bean id="authenticationEntryPoint"
-         class="org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint">
-         <beans:property name="realmName" value="opendaylight"/>
-       </beans:bean>
-
-       <beans:bean id="securityContextRepo"
-               class="org.opendaylight.controller.northbound.commons.WebSecurityContextRepository" />
-
-       <beans:bean id="AuthenticationProviderWrapper"
-               class="org.opendaylight.controller.northbound.commons.AuthenticationProviderWrapper" />
-
-</beans:beans>
index 5011e74..365e4b2 100644 (file)
@@ -1,11 +1,10 @@
 <?xml version="1.0" encoding="ISO-8859-1"?>
-<web-app xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-  xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
-http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
-  version="2.4">
+<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
+       version="3.0">
   <servlet>
     <servlet-name>JAXRSLoadBalancer</servlet-name>
-    <servlet-class>com.sun.jersey.spi.spring.container.servlet.SpringServlet</servlet-class>
+    <servlet-class>com.sun.jersey.spi.container.servlet.ServletContainer</servlet-class>
     <init-param>
       <param-name>javax.ws.rs.Application</param-name>
       <param-value>org.opendaylight.controller.samples.loadbalancer.northbound.LoadBalancerNorthboundRSApplication</param-value>
@@ -18,26 +17,34 @@ http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
     <url-pattern>/*</url-pattern>
   </servlet-mapping>
 
-<!-- Spring Security related -->
+       <security-constraint>
+               <web-resource-collection>
+                       <web-resource-name>NB api</web-resource-name>
+                       <url-pattern>/*</url-pattern>
+               </web-resource-collection>
+               <auth-constraint>
+                       <role-name>System-Admin</role-name>
+                       <role-name>Network-Admin</role-name>
+                       <role-name>Network-Operator</role-name>
+                       <role-name>Container-User</role-name>
+               </auth-constraint>
+       </security-constraint>
 
-       <listener>
-       <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
-       </listener>
+       <security-role>
+               <role-name>System-Admin</role-name>
+       </security-role>
+       <security-role>
+               <role-name>Network-Admin</role-name>
+       </security-role>
+       <security-role>
+               <role-name>Network-Operator</role-name>
+       </security-role>
+       <security-role>
+               <role-name>Container-User</role-name>
+       </security-role>
 
-       <context-param>
-               <param-name>contextConfigLocation</param-name>
-               <param-value>/WEB-INF/spring/*.xml</param-value>
-       </context-param>
-
-       <filter>
-           <filter-name>springSecurityFilterChain</filter-name>
-           <filter-class>
-               org.springframework.web.filter.DelegatingFilterProxy
-           </filter-class>
-       </filter>
-       
-       <filter-mapping>
-           <filter-name>springSecurityFilterChain</filter-name>
-           <url-pattern>/*</url-pattern>
-       </filter-mapping>
+       <login-config>
+               <auth-method>BASIC</auth-method>
+               <realm-name>opendaylight</realm-name>
+       </login-config>
 </web-app>