changing the default xacml policy role names
Project: http://git-wip-us.apache.org/repos/asf/airavata/repo Commit: http://git-wip-us.apache.org/repos/asf/airavata/commit/99c07d71 Tree: http://git-wip-us.apache.org/repos/asf/airavata/tree/99c07d71 Diff: http://git-wip-us.apache.org/repos/asf/airavata/diff/99c07d71 Branch: refs/heads/master Commit: 99c07d718bf89c8e9eca7deffdaa65c66a5b0c8c Parents: e1356b7 Author: Supun Nakandala <[email protected]> Authored: Fri Sep 4 15:18:58 2015 +0530 Committer: Supun Nakandala <[email protected]> Committed: Sat Sep 5 12:24:22 2015 +0530 ---------------------------------------------------------------------- .../src/main/resources/airavata-default-xacml-policy.xml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/airavata/blob/99c07d71/modules/configuration/server/src/main/resources/airavata-default-xacml-policy.xml ---------------------------------------------------------------------- diff --git a/modules/configuration/server/src/main/resources/airavata-default-xacml-policy.xml b/modules/configuration/server/src/main/resources/airavata-default-xacml-policy.xml index 90b1432..0801360 100644 --- a/modules/configuration/server/src/main/resources/airavata-default-xacml-policy.xml +++ b/modules/configuration/server/src/main/resources/airavata-default-xacml-policy.xml @@ -29,6 +29,7 @@ <AllOf> <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match"> <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string";>^(?:(?! +/airavata/getAPIVersion| /airavata/addGateway| /airavata/deleteteway| /airavata/updateGateway| @@ -75,7 +76,7 @@ </Target> <Condition> <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-is-in"> - <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string";>admin_read_only</AttributeValue> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string";>admin-read-only</AttributeValue> <AttributeDesignator AttributeId="http://wso2.org/claims/role"; Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" DataType="http://www.w3.org/2001/XMLSchema#string"; MustBePresent="true"/> @@ -88,6 +89,7 @@ <AllOf> <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match"> <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string";>^(?:(?! +/airavata/getAPIVersion| /airavata/addGateway| /airavata/getExperimentStatistics| /airavata/deleteteway| @@ -155,7 +157,7 @@ </Target> <Condition> <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-is-in"> - <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string";>Internal/everyone</AttributeValue> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string";>airavata-user</AttributeValue> <AttributeDesignator AttributeId="http://wso2.org/claims/role"; Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" DataType="http://www.w3.org/2001/XMLSchema#string"; MustBePresent="true"/>
