Author: alexoree
Date: Fri Aug 9 19:26:54 2013
New Revision: 1512461
URL: http://svn.apache.org/r1512461
Log:
JUDDI-579 adding additional security features, require admin credentials for
the settings.jsp page
Modified:
juddi/trunk/juddi-gui/src/main/webapp/WEB-INF/web.xml
juddi/trunk/juddi-gui/src/main/webapp/settings.jsp
Modified: juddi/trunk/juddi-gui/src/main/webapp/WEB-INF/web.xml
URL:
http://svn.apache.org/viewvc/juddi/trunk/juddi-gui/src/main/webapp/WEB-INF/web.xml?rev=1512461&r1=1512460&r2=1512461&view=diff
==============================================================================
--- juddi/trunk/juddi-gui/src/main/webapp/WEB-INF/web.xml (original)
+++ juddi/trunk/juddi-gui/src/main/webapp/WEB-INF/web.xml Fri Aug 9 19:26:54
2013
@@ -37,4 +37,28 @@
<error-code>503</error-code>
<location>/error.jsp</location>
</error-page>
+
+ <security-constraint>
+ <display-name>jUDDI Admin content</display-name>
+ <web-resource-collection>
+ <web-resource-name>admin</web-resource-name>
+ <url-pattern>/settings.jsp</url-pattern>
+ <url-pattern>/ajax/settings.jsp</url-pattern>
+ </web-resource-collection>
+ <auth-constraint>
+ <role-name>uddiadmin</role-name>
+ </auth-constraint>
+ <!-- uncomment to require SSL <user-data-constraint>
+ <transport-guarantee>CONFIDENTIAL</transport-guarantee>
+ </user-data-constraint>
+ -->
+ </security-constraint>
+ <login-config>
+ <auth-method>BASIC</auth-method>
+ <!-- you should consider NOT using BASIC is favor of something more
secure, see your web app servers documentation for details -->
+ <realm-name>Apache jUDDI - Make sure you're using HTTPS!</realm-name>
+ </login-config>
+ <security-role>
+ <role-name>uddiadmin</role-name>
+ </security-role>
</web-app>
Modified: juddi/trunk/juddi-gui/src/main/webapp/settings.jsp
URL:
http://svn.apache.org/viewvc/juddi/trunk/juddi-gui/src/main/webapp/settings.jsp?rev=1512461&r1=1512460&r2=1512461&view=diff
==============================================================================
--- juddi/trunk/juddi-gui/src/main/webapp/settings.jsp (original)
+++ juddi/trunk/juddi-gui/src/main/webapp/settings.jsp Fri Aug 9 19:26:54 2013
@@ -43,7 +43,7 @@
}
%>
</table>
- <a class="btn btn-primary " href="javascript:saveSettings();"><i
class="icon-large icon-save"></i><%=ResourceLoader.GetResource(session,
"actions.save")%></a>
+ <a class="btn btn-primary " href="javascript:saveSettings();"><i
class="icon-large icon-save"></i> <%=ResourceLoader.GetResource(session,
"actions.save")%></a>
<script type="text/javascript">
Reedit();
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
