Re: Using AAA for securing REST service


Tom Pantelis
 



On Thu, Mar 21, 2019 at 7:28 PM Andrej Záň <andrej.zan@...> wrote:

Hello everybody,


Can somebody please tell me, how to secure our REST application with AAA? We have it done for Oxygen release, but it is not working for Fluorine SR1. What's more, documentation [0] does not help either, since it contains classes, which no more exists. So my question is, what should we have in our web.xml file? In particullar I don't know how to configure this part


<context-param>
  <param-name>shiroEnvironmentClass</param-name>
  <param-value>org.opendaylight.aaa.shiro.web.env.KarafIniWebEnvironment</param-value>
</context-param>

<listener>
    <listener-class>org.apache.shiro.web.env.EnvironmentLoaderListener</listener-class>
</listener>


Thanks in advance


The web.xml mechanism was removed in Fluorine in lieu of instantiating the web app and securing it programmatically (via blueprint). For an example, check out https://github.com/opendaylight/netconf/blob/master/netconf/yanglib/src/main/resources/OSGI-INF/blueprint/yanglib.xml (org.opendaylight.yanglib.impl.WebInitializer).  
 
_______________________________________________
aaa-dev mailing list
aaa-dev@...
https://lists.opendaylight.org/mailman/listinfo/aaa-dev

Join z.archive.aaa-dev@lists.opendaylight.org to automatically receive all group messages.