From 9b23d35669a53b0d12771acae2c9cddb76aff3f2 Mon Sep 17 00:00:00 2001
From: Jean-Noel Rouvignac <jean-noel.rouvignac@forgerock.com>
Date: Fri, 12 Apr 2013 09:00:23 +0000
Subject: [PATCH] OPENDJ-830 (CR-1538) Implement authentication and authorization for HTTP connection handler

---
 opendj-sdk/opends/src/admin/defn/org/opends/server/admin/std/HTTPConnectionHandlerConfiguration.xml |   32 ++++++++++++++++++++++++++++++--
 1 files changed, 30 insertions(+), 2 deletions(-)

diff --git a/opendj-sdk/opends/src/admin/defn/org/opends/server/admin/std/HTTPConnectionHandlerConfiguration.xml b/opendj-sdk/opends/src/admin/defn/org/opends/server/admin/std/HTTPConnectionHandlerConfiguration.xml
index 292ee7b..5f2f9cd 100644
--- a/opendj-sdk/opends/src/admin/defn/org/opends/server/admin/std/HTTPConnectionHandlerConfiguration.xml
+++ b/opendj-sdk/opends/src/admin/defn/org/opends/server/admin/std/HTTPConnectionHandlerConfiguration.xml
@@ -217,7 +217,7 @@
   <adm:property name="max-request-size" advanced="true">
     <adm:synopsis>
       Specifies the size in bytes of the largest HTTP request message that will
-      be allowed by this HTTP Connection handler.      
+      be allowed by the <adm:user-friendly-name />.      
     </adm:synopsis>
     <adm:description>
       This can help prevent denial-of-service attacks by clients that indicate 
@@ -429,7 +429,7 @@
   </adm:property>
   <adm:property name="config-file" mandatory="true">
     <adm:synopsis>
-      Specifies the name of the configuration file for the HTTP Connection Handler.
+      Specifies the name of the configuration file for the <adm:user-friendly-name />.
     </adm:synopsis>
     <adm:default-behavior>
       <adm:defined>
@@ -453,4 +453,32 @@
       </ldap:attribute>
     </adm:profile>
   </adm:property>
+  <adm:property name="authentication-required" mandatory="true">
+    <adm:synopsis>
+      Specifies whether only authenticated requests can be processed by the
+      <adm:user-friendly-name />.
+    </adm:synopsis>
+    <adm:description>
+      If true, only authenticated requests will be processed by the
+      <adm:user-friendly-name />. If false, both authenticated requests and 
+      unauthenticated requests will be processed. All requests are subject
+      to ACI limitations and unauthenticated requests are subject to server
+      limits like maximum number of entries returned. Note that setting
+      ds-cfg-reject-unauthenticated-requests to true will override the current
+      setting.
+    </adm:description>
+    <adm:default-behavior>
+      <adm:defined>
+        <adm:value>true</adm:value>
+      </adm:defined>
+    </adm:default-behavior>
+    <adm:syntax>
+      <adm:boolean />
+    </adm:syntax>
+    <adm:profile name="ldap">
+      <ldap:attribute>
+        <ldap:name>ds-cfg-authentication-required</ldap:name>
+      </ldap:attribute>
+    </adm:profile>
+  </adm:property>
 </adm:managed-object>

--
Gitblit v1.10.0