From cb51aff39e54666fbec535d895fdefecfcee9b49 Mon Sep 17 00:00:00 2001 From: Ryan Goulding Date: Fri, 3 Apr 2015 10:44:59 -0400 Subject: [PATCH] Bug 2942: odl-mdsal-apidocs feature is not protected through AAA This change enforces AAA on the URL endpoints supported by odl-mdsal-apidocs. The security model prohibits any access to the controller without authentication. This change mandates AAA for odl-mdsal-apidocs URLs. Change-Id: I74226e702568077d769353d5fe49fe21cd187266 Signed-off-by: Ryan Goulding --- .../src/main/resources/WEB-INF/web.xml | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/opendaylight/md-sal/sal-rest-docgen/src/main/resources/WEB-INF/web.xml b/opendaylight/md-sal/sal-rest-docgen/src/main/resources/WEB-INF/web.xml index d777942b53..0e660eaf6d 100644 --- a/opendaylight/md-sal/sal-rest-docgen/src/main/resources/WEB-INF/web.xml +++ b/opendaylight/md-sal/sal-rest-docgen/src/main/resources/WEB-INF/web.xml @@ -12,6 +12,11 @@ javax.ws.rs.Application org.opendaylight.controller.sal.rest.doc.jaxrs.ApiDocApplication + + + com.sun.jersey.spi.container.ContainerRequestFilters + org.opendaylight.aaa.sts.TokenAuthFilter + 1 @@ -44,11 +49,8 @@ - free access - /explorer/css/* - /explorer/images/* - /explorer/lib/* - /explorer/* + API Doc + /* -- 2.36.6