This is an automated email from the ASF dual-hosted git repository. heneveld pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/brooklyn-ui.git
commit 31f6f6b0548a6cd2e320daea722bef094e0a013a Author: Alex Heneveld <[email protected]> AuthorDate: Fri Dec 14 12:40:22 2018 +0000 require login to webconsole for webapps the REST API has always been secured but we now secure these static assets also; this gives a better experience on login, and it will be even more important when we introduce oauth-based logins where the redirect page (served by the LoginModule defined in the REST API module, connected to the LoginService defined in the jetty bundle, both in brooklyn-server) should be served in response to the request for index.html, not just on the REST calls --- .../app-inspector/src/main/webapp/WEB-INF/web.xml | 17 +++++++++++++++++ .../src/main/webapp/WEB-INF/web.xml | 17 +++++++++++++++++ .../src/main/webapp/WEB-INF/web.xml | 17 +++++++++++++++++ ui-modules/catalog/src/main/webapp/WEB-INF/web.xml | 17 +++++++++++++++++ .../groovy-console/src/main/webapp/WEB-INF/web.xml | 17 +++++++++++++++++ ui-modules/home/src/main/webapp/WEB-INF/web.xml | 19 +++++++++++++++++++ .../location-manager/src/main/webapp/WEB-INF/web.xml | 17 +++++++++++++++++ ui-modules/logout/src/main/webapp/WEB-INF/web.xml | 14 ++++++++++++++ .../rest-api-docs/src/main/webapp/WEB-INF/web.xml | 17 +++++++++++++++++ 9 files changed, 152 insertions(+) diff --git a/ui-modules/app-inspector/src/main/webapp/WEB-INF/web.xml b/ui-modules/app-inspector/src/main/webapp/WEB-INF/web.xml index 9e99c5f..fc87588 100644 --- a/ui-modules/app-inspector/src/main/webapp/WEB-INF/web.xml +++ b/ui-modules/app-inspector/src/main/webapp/WEB-INF/web.xml @@ -60,5 +60,22 @@ </filter-mapping> <!--FILTERS :: END--> + <login-config> + <auth-method>BASIC</auth-method> + <realm-name>webconsole</realm-name> + </login-config> + + <security-constraint> + <web-resource-collection> + <web-resource-name>webconsole-static-assets</web-resource-name> + <url-pattern>/*</url-pattern> + </web-resource-collection> + <auth-constraint> + <role-name>**</role-name> + </auth-constraint> + </security-constraint> + <security-role> + <role-name>**</role-name> + </security-role> </web-app> diff --git a/ui-modules/blueprint-composer/src/main/webapp/WEB-INF/web.xml b/ui-modules/blueprint-composer/src/main/webapp/WEB-INF/web.xml index c8d59e9..8bfecc7 100644 --- a/ui-modules/blueprint-composer/src/main/webapp/WEB-INF/web.xml +++ b/ui-modules/blueprint-composer/src/main/webapp/WEB-INF/web.xml @@ -60,5 +60,22 @@ </filter-mapping> <!--FILTERS :: END--> + <login-config> + <auth-method>BASIC</auth-method> + <realm-name>webconsole</realm-name> + </login-config> + + <security-constraint> + <web-resource-collection> + <web-resource-name>webconsole-static-assets</web-resource-name> + <url-pattern>/*</url-pattern> + </web-resource-collection> + <auth-constraint> + <role-name>**</role-name> + </auth-constraint> + </security-constraint> + <security-role> + <role-name>**</role-name> + </security-role> </web-app> diff --git a/ui-modules/blueprint-importer/src/main/webapp/WEB-INF/web.xml b/ui-modules/blueprint-importer/src/main/webapp/WEB-INF/web.xml index 7316240..2e8b2ea 100644 --- a/ui-modules/blueprint-importer/src/main/webapp/WEB-INF/web.xml +++ b/ui-modules/blueprint-importer/src/main/webapp/WEB-INF/web.xml @@ -60,5 +60,22 @@ </filter-mapping> <!--FILTERS :: END--> + <login-config> + <auth-method>BASIC</auth-method> + <realm-name>webconsole</realm-name> + </login-config> + + <security-constraint> + <web-resource-collection> + <web-resource-name>webconsole-static-assets</web-resource-name> + <url-pattern>/*</url-pattern> + </web-resource-collection> + <auth-constraint> + <role-name>**</role-name> + </auth-constraint> + </security-constraint> + <security-role> + <role-name>**</role-name> + </security-role> </web-app> diff --git a/ui-modules/catalog/src/main/webapp/WEB-INF/web.xml b/ui-modules/catalog/src/main/webapp/WEB-INF/web.xml index 2ff2d15..efee85b 100644 --- a/ui-modules/catalog/src/main/webapp/WEB-INF/web.xml +++ b/ui-modules/catalog/src/main/webapp/WEB-INF/web.xml @@ -60,5 +60,22 @@ </filter-mapping> <!--FILTERS :: END--> + <login-config> + <auth-method>BASIC</auth-method> + <realm-name>webconsole</realm-name> + </login-config> + + <security-constraint> + <web-resource-collection> + <web-resource-name>webconsole-static-assets</web-resource-name> + <url-pattern>/*</url-pattern> + </web-resource-collection> + <auth-constraint> + <role-name>**</role-name> + </auth-constraint> + </security-constraint> + <security-role> + <role-name>**</role-name> + </security-role> </web-app> diff --git a/ui-modules/groovy-console/src/main/webapp/WEB-INF/web.xml b/ui-modules/groovy-console/src/main/webapp/WEB-INF/web.xml index edfc151..addd7a8 100644 --- a/ui-modules/groovy-console/src/main/webapp/WEB-INF/web.xml +++ b/ui-modules/groovy-console/src/main/webapp/WEB-INF/web.xml @@ -60,5 +60,22 @@ </filter-mapping> <!--FILTERS :: END--> + <login-config> + <auth-method>BASIC</auth-method> + <realm-name>webconsole</realm-name> + </login-config> + + <security-constraint> + <web-resource-collection> + <web-resource-name>webconsole-static-assets</web-resource-name> + <url-pattern>/*</url-pattern> + </web-resource-collection> + <auth-constraint> + <role-name>**</role-name> + </auth-constraint> + </security-constraint> + <security-role> + <role-name>**</role-name> + </security-role> </web-app> diff --git a/ui-modules/home/src/main/webapp/WEB-INF/web.xml b/ui-modules/home/src/main/webapp/WEB-INF/web.xml index 4fa41b8..9be0439 100644 --- a/ui-modules/home/src/main/webapp/WEB-INF/web.xml +++ b/ui-modules/home/src/main/webapp/WEB-INF/web.xml @@ -59,4 +59,23 @@ <url-pattern>/*</url-pattern> </filter-mapping> <!--FILTERS :: END--> + + <login-config> + <auth-method>BASIC</auth-method> + <realm-name>webconsole</realm-name> + </login-config> + + <security-constraint> + <web-resource-collection> + <web-resource-name>webconsole-static-assets</web-resource-name> + <url-pattern>/*</url-pattern> + </web-resource-collection> + <auth-constraint> + <role-name>**</role-name> + </auth-constraint> + </security-constraint> + <security-role> + <role-name>**</role-name> + </security-role> + </web-app> diff --git a/ui-modules/location-manager/src/main/webapp/WEB-INF/web.xml b/ui-modules/location-manager/src/main/webapp/WEB-INF/web.xml index 6b6683a..2bb7445 100644 --- a/ui-modules/location-manager/src/main/webapp/WEB-INF/web.xml +++ b/ui-modules/location-manager/src/main/webapp/WEB-INF/web.xml @@ -60,5 +60,22 @@ </filter-mapping> <!--FILTERS :: END--> + <login-config> + <auth-method>BASIC</auth-method> + <realm-name>webconsole</realm-name> + </login-config> + + <security-constraint> + <web-resource-collection> + <web-resource-name>webconsole-static-assets</web-resource-name> + <url-pattern>/*</url-pattern> + </web-resource-collection> + <auth-constraint> + <role-name>**</role-name> + </auth-constraint> + </security-constraint> + <security-role> + <role-name>**</role-name> + </security-role> </web-app> diff --git a/ui-modules/logout/src/main/webapp/WEB-INF/web.xml b/ui-modules/logout/src/main/webapp/WEB-INF/web.xml index 19970f8..81d8082 100644 --- a/ui-modules/logout/src/main/webapp/WEB-INF/web.xml +++ b/ui-modules/logout/src/main/webapp/WEB-INF/web.xml @@ -27,4 +27,18 @@ <welcome-file-list> <welcome-file>index.html</welcome-file> </welcome-file-list> + + <security-constraint> + <web-resource-collection> + <web-resource-name>webconsole-static-assets</web-resource-name> + <url-pattern>/*</url-pattern> + </web-resource-collection> + <auth-constraint> + <role-name>**</role-name> + </auth-constraint> + </security-constraint> + <security-role> + <role-name>**</role-name> + </security-role> + </web-app> diff --git a/ui-modules/rest-api-docs/src/main/webapp/WEB-INF/web.xml b/ui-modules/rest-api-docs/src/main/webapp/WEB-INF/web.xml index dd7dd9b..c6f9bd5 100644 --- a/ui-modules/rest-api-docs/src/main/webapp/WEB-INF/web.xml +++ b/ui-modules/rest-api-docs/src/main/webapp/WEB-INF/web.xml @@ -60,5 +60,22 @@ </filter-mapping> <!--FILTERS :: END--> + <login-config> + <auth-method>BASIC</auth-method> + <realm-name>webconsole</realm-name> + </login-config> + + <security-constraint> + <web-resource-collection> + <web-resource-name>webconsole-static-assets</web-resource-name> + <url-pattern>/*</url-pattern> + </web-resource-collection> + <auth-constraint> + <role-name>**</role-name> + </auth-constraint> + </security-constraint> + <security-role> + <role-name>**</role-name> + </security-role> </web-app>
