REST Security
REST-based Configuration methods are minimally secured by Basic HTTP Authentication.
The REST Security configuration file may reside anywhere on the filesystem, but a reference must be included in the OpenCDS configuration file (see Configuring OpenCDS for details).
The contents of the REST Security configuration file is as follows:
sec.xml
<?xml version="1.0" encoding="UTF-8"?>
<config:ConfigurationSecurity xmlns:config="org.opencds.dss.config.v1_0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="org.opencds.dss.config.v1_0 schema/OpenCDSConfiguration.xsd">
<users>
<user>
<username>admin-username</username>
<password>admin-password</password>
<enabled>true</enabled>
<grantedAuthorities>
<authority>ROLE_CONFIG_ADMIN</authority>
<authority>ROLE_CONFIG_USER</authority>
</grantedAuthorities>
</user>
<user>
<username>non-admin-username</username>
<password>non-admin-password</password>
<enabled>true</enabled>
<grantedAuthorities>
<authority>ROLE_CONFIG_USER</authority>
</grantedAuthorities>
</user>
</users>
</config:ConfigurationSecurity>
Any number of users may be added to the list.
Passwords are stored in plain-text. (Encryption methods may be provided in the future.)
Two roles (granted authorities) are supported which provide access to the data:
- ROLE_CONFIG_ADMIN
- May read from and write to the Configuration REST services.
- ROLE_CONFIG_USER
- May read from the Configuration REST services.