[Dhis2-devs] [Branch ~dhis2-devs-core/dhis2/trunk] Rev 17885: Basic auth security, adding /account filters so that user invitations work

Mon, 05 Jan 2015 07:54:42 -0800 

------------------------------------------------------------
revno: 17885
committer: Lars Helge Overland <[email protected]>
branch nick: dhis2
timestamp: Mon 2015-01-05 16:53:54 +0100
message:
  Basic auth security, adding /account filters so that user invitations work
modified:
  dhis-2/dhis-web/dhis-web-commons/src/main/resources/META-INF/dhis/security.xml


--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk

Your team DHIS 2 developers is subscribed to branch lp:dhis2.
To unsubscribe from this branch go to 
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription

=== modified file 'dhis-2/dhis-web/dhis-web-commons/src/main/resources/META-INF/dhis/security.xml'
--- dhis-2/dhis-web/dhis-web-commons/src/main/resources/META-INF/dhis/security.xml	2015-01-02 13:41:49 +0000
+++ dhis-2/dhis-web/dhis-web-commons/src/main/resources/META-INF/dhis/security.xml	2015-01-05 15:53:54 +0000
@@ -40,6 +40,11 @@
 
     <sec:custom-filter ref="automaticAccessFilter" before="LOGOUT_FILTER" />
     <!-- <sec:custom-filter ref="corsFilter" before="BASIC_AUTH_FILTER" /> -->
+    <sec:intercept-url pattern="/api/account/username" access="permitAll()" />
+    <sec:intercept-url pattern="/api/account/recovery" access="permitAll()" />
+    <sec:intercept-url pattern="/api/account/restore" access="permitAll()" />
+    <sec:intercept-url pattern="/api/account/password" access="permitAll()" />
+    <sec:intercept-url pattern="/api/account" access="permitAll()" />
     <sec:intercept-url pattern="/api/**" access="isAuthenticated()" />
   </sec:http>
 


_______________________________________________
Mailing list: https://launchpad.net/~dhis2-devs
Post to     : [email protected]
Unsubscribe : https://launchpad.net/~dhis2-devs
More help   : https://help.launchpad.net/ListHelp

Reply via email to