aboutsummaryrefslogtreecommitdiffstats
path: root/sdnr/wt/oauth-provider/oauth-core/src/test/resources/aaa-app-config.test.xml
blob: e46508d68a2aade6363012372d53d771bcfe51b1 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77

<?xml version="1.0" ?>


<shiro-configuration xmlns="urn:opendaylight:aaa:app:config">


    <main>
        <pair-key>tokenAuthRealm</pair-key>
        <pair-value>org.onap.ccsdk.features.sdnr.wt.oauthprovider.OAuth2Realm</pair-value>
    </main>

    <main>
        <pair-key>securityManager.realms</pair-key>
        <pair-value>$tokenAuthRealm</pair-value>
    </main>

    <main>
        <pair-key>anyroles</pair-key>
        <pair-value>org.opendaylight.aaa.shiro.filters.AnyRoleHttpAuthenticationFilter</pair-value>
    </main>
    <main>
        <pair-key>authcBearer</pair-key>
        <pair-value>org.opendaylight.aaa.shiro.filters.ODLHttpAuthenticationFilter2</pair-value>
    </main>

    <main>
        <pair-key>accountingListener</pair-key>
        <pair-value>org.opendaylight.aaa.shiro.filters.AuthenticationListener</pair-value>
    </main>
    <main>
        <pair-key>securityManager.authenticator.authenticationListeners</pair-key>
        <pair-value>$accountingListener</pair-value>
    </main>

    <main>
        <pair-key>dynamicAuthorization</pair-key>
        <pair-value>org.opendaylight.aaa.shiro.realm.MDSALDynamicAuthorizationFilter</pair-value>
    </main>

    <urls>
        <pair-key>/**/operations/cluster-admin**</pair-key>
        <pair-value>dynamicAuthorization</pair-value>
    </urls>
    <urls>
        <pair-key>/**/v1/**</pair-key>
        <pair-value>authcBearer, roles[admin]</pair-value>
    </urls>
    <urls>
        <pair-key>/**/config/aaa*/**</pair-key>
        <pair-value>authcBearer, roles[admin]</pair-value>
    </urls>
     <urls>
        <pair-key>/oauth/**</pair-key>
        <pair-value>anon</pair-value>
    </urls>
    <urls>
        <pair-key>/odlux/**</pair-key>
        <pair-value>anon</pair-value>
    </urls>
    <urls>
        <pair-key>/apidoc/**</pair-key>
        <pair-value>authcBasic, roles[admin]</pair-value>
    </urls>
     <urls>
        <pair-key>/test123/**</pair-key>
        <pair-value>authcBasic</pair-value>
    </urls>
    <urls>
        <pair-key>/rests/**</pair-key>
        <pair-value>authcBearer, anyroles["admin,provision"]</pair-value>
    </urls>
    <urls>
        <pair-key>/**</pair-key>
        <pair-value>authcBearer, anyroles["admin,provision"]</pair-value>
    </urls>
</shiro-configuration>