Add constraint-based authentication for hostName; remove IP-based authentication

author Mike Taylor <mike@indexdata.com>

Tue, 22 Jul 2014 16:37:27 +0000 (16:37 +0000)

committer Mike Taylor <mike@indexdata.com>

Tue, 22 Jul 2014 16:37:27 +0000 (16:37 +0000)
author Mike Taylor <mike@indexdata.com>
Tue, 22 Jul 2014 16:37:27 +0000 (16:37 +0000)
committer Mike Taylor <mike@indexdata.com>
Tue, 22 Jul 2014 16:37:27 +0000 (16:37 +0000)
diff --git a/tools/service-proxy/service-proxy.properties b/tools/service-proxy/service-proxy.properties

index 4f851bf..8f4c8d8 100644 (file)
--- a/tools/service-proxy/service-proxy.properties
+++ b/tools/service-proxy/service-proxy.properties
@@ -24,8 +24,8 @@ relay.CF_ENGINE_ADDRESS = localhost:9003
  # authn plugin, for torus based authentication 
  authn.TORUS_URL        = http://mkc-admin.indexdata.com/torus2/identity.USERS/records/
  authn.MASTER_TORUS_URL = http://mkc-admin.indexdata.com/torus2/admin.admin/records/
-authn.ACTION_SEQUENCE = check,login,ipauth,referrer
-#authn.SPECIFIC_CONSTRAINT = vhost=${thisHost} 
+authn.ACTION_SEQUENCE = check,login,referrer,constraint
+authn.SPECIFIC_CONSTRAINT = hostName=${thisHost} 
  
  # categories plugin, for Torus-based target categories
  categories.TORUS_BASEURL            = http://mkc-admin.indexdata.com/torus2/
author	Mike Taylor <mike@indexdata.com>
	Tue, 22 Jul 2014 16:37:27 +0000 (16:37 +0000)
committer	Mike Taylor <mike@indexdata.com>
	Tue, 22 Jul 2014 16:37:27 +0000 (16:37 +0000)