dhis2-devs team mailing list archive
-
dhis2-devs team
-
Mailing list archive
-
Message #35091
[Branch ~dhis2-devs-core/dhis2/trunk] Rev 18012: disable basic only filter on /api/** for now, reverts back to old behavior with 403 redirection
------------------------------------------------------------
revno: 18012
committer: Morten Olav Hansen <mortenoh@xxxxxxxxx>
branch nick: dhis2
timestamp: Fri 2015-01-16 11:34:42 +0700
message:
disable basic only filter on /api/** for now, reverts back to old behavior with 403 redirection
modified:
dhis-2/dhis-web/dhis-web-commons/src/main/resources/META-INF/dhis/security.xml
--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk
Your team DHIS 2 developers is subscribed to branch lp:dhis2.
To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription
=== modified file 'dhis-2/dhis-web/dhis-web-commons/src/main/resources/META-INF/dhis/security.xml'
--- dhis-2/dhis-web/dhis-web-commons/src/main/resources/META-INF/dhis/security.xml 2015-01-14 10:59:10 +0000
+++ dhis-2/dhis-web/dhis-web-commons/src/main/resources/META-INF/dhis/security.xml 2015-01-16 04:34:42 +0000
@@ -29,6 +29,7 @@
<sec:http pattern="/external-static/**" security="none" />
<sec:http pattern="/favicon.ico" security="none" />
+ <!-- Disabled for now, we need to properly handle "Basic Auth" dialog box popping up on browsers
<sec:http access-decision-manager-ref="accessDecisionManager" use-expressions="true" realm="DHIS2" pattern="/api/**">
<sec:http-basic />
@@ -47,6 +48,7 @@
<sec:intercept-url pattern="/api/account" access="permitAll()" />
<sec:intercept-url pattern="/api/**" access="isAuthenticated()" />
</sec:http>
+ -->
<sec:http access-decision-manager-ref="accessDecisionManager" use-expressions="true" realm="DHIS2">
<sec:openid-login user-service-ref="userDetailsService" default-target-url="/" always-use-default-target="false"
