Re: Using AAA for securing REST service

Home Messages Hashtags Subgroups

This group is locked. No changes can be made to the group while it is locked.

Tom Pantelis #1788 On Thu, Mar 21, 2019 at 7:28 PM Andrej Záň <andrej.zan@...> wrote: Hello everybody, Can somebody please tell me, how to secure our REST application with AAA? We have it done for Oxygen release, but it is not working for Fluorine SR1. What's more, documentation [0] does not help either, since it contains classes, which no more exists. So my question is, what should we have in our web.xml file? In particullar I don't know how to configure this part <context-param> <param-name>shiroEnvironmentClass</param-name> <param-value>org.opendaylight.aaa.shiro.web.env.KarafIniWebEnvironment</param-value> </context-param> <listener> <listener-class>org.apache.shiro.web.env.EnvironmentLoaderListener</listener-class> </listener> Thanks in advance The web.xml mechanism was removed in Fluorine in lieu of instantiating the web app and securing it programmatically (via blueprint). For an example, check out https://github.com/opendaylight/netconf/blob/master/netconf/yanglib/src/main/resources/OSGI-INF/blueprint/yanglib.xml (org.opendaylight.yanglib.impl.WebInitializer). S pozdravom Andrej Záň [0] https://github.com/opendaylight/aaa/blob/stable/fluorine/docs/dev-guide.rst#how-application-developers-can-leverage-aaa-to-provide-servlet-security _______________________________________________ aaa-dev mailing list aaa-dev@... https://lists.opendaylight.org/mailman/listinfo/aaa-dev

Join z.archive.aaa-dev@lists.opendaylight.org to automatically receive all group messages.