This change enforces AAA on the URL endpoints supported by odl-mdsal-apidocs.
The security model prohibits any access to the controller without
authentication. This change mandates AAA for odl-mdsal-apidocs URLs.
Change-Id: I74226e702568077d769353d5fe49fe21cd187266
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
<param-name>javax.ws.rs.Application</param-name>
<param-value>org.opendaylight.controller.sal.rest.doc.jaxrs.ApiDocApplication</param-value>
</init-param>
<param-name>javax.ws.rs.Application</param-name>
<param-value>org.opendaylight.controller.sal.rest.doc.jaxrs.ApiDocApplication</param-value>
</init-param>
+ <!-- AAA Auth Filter -->
+ <init-param>
+ <param-name>com.sun.jersey.spi.container.ContainerRequestFilters</param-name>
+ <param-value> org.opendaylight.aaa.sts.TokenAuthFilter</param-value>
+ </init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<load-on-startup>1</load-on-startup>
</servlet>
<security-constraint>
<web-resource-collection>
<security-constraint>
<web-resource-collection>
- <web-resource-name>free access</web-resource-name>
- <url-pattern>/explorer/css/*</url-pattern>
- <url-pattern>/explorer/images/*</url-pattern>
- <url-pattern>/explorer/lib/*</url-pattern>
- <url-pattern>/explorer/*</url-pattern>
+ <web-resource-name>API Doc</web-resource-name>
+ <url-pattern>/*</url-pattern>
</web-resource-collection>
</security-constraint>
</web-resource-collection>
</security-constraint>