REST Security
REST-based Configuration methods are minimally secured by Basic HTTP Authentication.
The REST Security configuration file may reside anywhere on the filesystem, but a reference must be included in the OpenCDS configuration file (see Configuring OpenCDS for details).
The contents of the REST Security configuration file are as follows:
sec.xml
<?xml version="1.0" encoding="UTF-8"?>
<config:ConfigurationSecurity xmlns:config="org.opencds.dss.config.v1_0"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="org.opencds.dss.config.v1_0 schema/OpenCDSConfiguration.xsd">
    <users>
        <user>
            <username>admin-username</username>
            <password>admin-password</password>
            <enabled>true</enabled>
            <grantedAuthorities>
                <authority>ROLE_CONFIG_ADMIN</authority>
                <authority>ROLE_CONFIG_USER</authority>
            </grantedAuthorities>
        </user>
        <user>
            <username>non-admin-username</username>
            <password>non-admin-password</password>
            <enabled>true</enabled>
            <grantedAuthorities>
                <authority>ROLE_CONFIG_USER</authority>
            </grantedAuthorities>
        </user>
    </users>
</config:ConfigurationSecurity>
Any number of users may be added to the list.
Passwords are stored in plain text. (Encryption methods may be provided in the future.)
Two roles (granted authorities) are supported; each grants a level of access to the configuration data:
- ROLE_CONFIG_ADMIN
  - May read from and write to the Configuration REST services.
- ROLE_CONFIG_USER
  - May read from the Configuration REST services.
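Because the passwords in this file are plain text and ROLE_CONFIG_ADMIN grants write access, a deployment check on sec.xml is worth automating. The following is an added example, not part of OpenCDS or of the original page: it parses the layout shown above, flags enabled users that still carry the page's sample passwords (or an empty or username-equal password), lists who can write, and checks that the file is not accessible beyond its owner. The function names, finding labels and the sample users are assumptions made for illustration.

```python
import os
import stat
import xml.etree.ElementTree as ET

# Constructed sample in the page's sec.xml layout (usernames and passwords are made up).
SAMPLE = """<config:ConfigurationSecurity xmlns:config="org.opencds.dss.config.v1_0">
  <users>
    <user><username>ops</username><password>admin-password</password><enabled>true</enabled>
      <grantedAuthorities><authority>ROLE_CONFIG_ADMIN</authority></grantedAuthorities></user>
    <user><username>reader</username><password>x9!Long-Random-Value</password><enabled>true</enabled>
      <grantedAuthorities><authority>ROLE_CONFIG_USER</authority></grantedAuthorities></user>
    <user><username>old</username><password>old</password><enabled>false</enabled>
      <grantedAuthorities><authority>ROLE_CONFIG_ADMIN</authority></grantedAuthorities></user>
  </users>
</config:ConfigurationSecurity>"""

PLACEHOLDERS = {"admin-password", "non-admin-password"}  # sample values shown on the page
KNOWN_ROLES = {"ROLE_CONFIG_ADMIN", "ROLE_CONFIG_USER"}


def audit_users(xml_text):
    """Return (username, finding) tuples for every enabled user in a sec.xml document."""
    findings = []
    root = ET.fromstring(xml_text)
    # <users> and <user> are unqualified children of the namespaced root element.
    for user in root.findall("./users/user"):
        name = (user.findtext("username") or "").strip()
        password = user.findtext("password") or ""
        if (user.findtext("enabled") or "").strip().lower() != "true":
            continue  # assumption: a disabled account cannot authenticate
        roles = {a.text.strip() for a in user.iter("authority") if a.text}
        if not password or password == name or password in PLACEHOLDERS:
            findings.append((name, "weak-password"))
        if "ROLE_CONFIG_ADMIN" in roles:
            findings.append((name, "can-write"))
        findings.extend((name, "unknown-role:" + r) for r in sorted(roles - KNOWN_ROLES))
    return findings


def file_mode_findings(path):
    """Passwords are plaintext, so flag a file readable or writable beyond its owner."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    return [] if mode & 0o077 == 0 else [(path, "mode-%o" % mode)]


if __name__ == "__main__":
    for who, what in audit_users(SAMPLE):
        print(who, what)
```

Basic HTTP Authentication sends the username and password base64-encoded rather than encrypted, so the same check belongs alongside a confirmation that the Configuration REST services are reachable only over TLS.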