Using AAA for securing REST service


Andrej Záň <andrej.zan@...>
 

Hello everybody,


Can somebody please tell me, how to secure our REST application with AAA? We have it done for Oxygen release, but it is not working for Fluorine SR1. What's more, documentation [0] does not help either, since it contains classes, which no more exists. So my question is, what should we have in our web.xml file? In particullar I don't know how to configure this part


<context-param>
  <param-name>shiroEnvironmentClass</param-name>
  <param-value>org.opendaylight.aaa.shiro.web.env.KarafIniWebEnvironment</param-value>
</context-param>

<listener>
    <listener-class>org.apache.shiro.web.env.EnvironmentLoaderListener</listener-class>
</listener>


Thanks in advance


S pozdravom

Andrej Záň


[0] https://github.com/opendaylight/aaa/blob/stable/fluorine/docs/dev-guide.rst#how-application-developers-can-leverage-aaa-to-provide-servlet-security

Join z.archive.aaa-dev@lists.opendaylight.org to automatically receive all group messages.