killbill-uncached
NEWS 1(+1 -0)
diff --git a/NEWS b/NEWS
index a434c3a..b8792f2 100644
--- a/NEWS
+++ b/NEWS
@@ -1,5 +1,6 @@
0.5.0
Initial implementation of RBAC
+ - default credentials: admin/password
Remove analytics plugin from defaultbundles package
Switch to killbill-commons for locker and db testing helper
Lower the default number of hash iterations for the apiSecret to 200,000 down from 500,000
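Review bot: the added line `- default credentials: admin/password` announces the account but says nothing about replacing it. Since NEWS is what operators read when upgrading, the entry should also name the override that the shiro.ini change in this commit documents (`-Dkillbill.security.shiroResourcePath=...`) and state that the password has to be changed before the server is reachable by anyone else. It is also worth noting here that RBAC is now on unless `-Dkillbill.server.rbac=false` is passed, because that is a behaviour change from the previous default.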
README.md 63(+1 -62)
diff --git a/README.md b/README.md
index 03f15d4..442e402 100644
--- a/README.md
+++ b/README.md
@@ -1,65 +1,4 @@
[](https://travis-ci.org/killbill/killbill)
Killbill is an open source subscription management/billing system.
-You can find the documentation [here](http://ning.github.com/killbill/).
-
-Setting up your own tenant
---------------------------
-
-Killbill supports multiple tenants running on the same server. Each tenant needs to identify itself when using the /1.0
-API via HTTP Basic authentication.
-
-For example, trying to access all tag definitions without being authenticated would throw a 400 error:
-
- ~> curl -v http://127.0.0.1:8080/1.0/kb/tagDefinitions
- * About to connect() to 127.0.0.1 port 8080 (#0)
- * Trying 127.0.0.1... connected
- * Connected to 127.0.0.1 (127.0.0.1) port 8080 (#0)
- > GET /1.0/kb/tagDefinitions HTTP/1.1
- > User-Agent: curl/7.21.4 (universal-apple-darwin11.0) libcurl/7.21.4 OpenSSL/0.9.8r zlib/1.2.5
- > Host: 127.0.0.1:8080
- > Accept: */*
- >
- < HTTP/1.1 401 Unauthorized
- < WWW-Authenticate: BASIC realm="application"
- < Content-Length: 0
- < Server: Jetty(8.1.2.v20120308)
- <
- * Connection #0 to host 127.0.0.1 left intact
- * Closing connection #0
-
-
-Before you can use the /1.0 API, you need to create your own tenant. To do so, post your username (`apiKey`) and password
-(`apiSecret`) to the `/1.0/kb/tenants` endpoint (the header `X-Killbill-CreatedBy` is used for auditing purposes).
-For example, to create the a tenant with the credentials bob/lazar:
-
- ~> curl -v -XPOST \
- -H'Content-Type: application/json' \
- -H'X-Killbill-CreatedBy: admin' \
- -d'{"apiKey": "bob", "apiSecret": "lazar"}' \
- http://127.0.0.1:8080/1.0/kb/tenants
- * About to connect() to 127.0.0.1 port 8080 (#0)
- * Trying 127.0.0.1... connected
- * Connected to 127.0.0.1 (127.0.0.1) port 8080 (#0)
- > POST /1.0/kb/tenants HTTP/1.1
- > User-Agent: curl/7.21.4 (universal-apple-darwin11.0) libcurl/7.21.4 OpenSSL/0.9.8r zlib/1.2.5
- > Host: 127.0.0.1:8080
- > Accept: */*
- > Content-Type: application/json
- > X-Killbill-CreatedBy: admin
- > Content-Length: 39
- >
- < HTTP/1.1 201 Created
- < Location: http://127.0.0.1:8080/1.0/kb/tenants/f07bc7d5-00e8-48bd-8b43-ef8537219171
- < Content-Type: application/json
- < Transfer-Encoding: chunked
- < Server: Jetty(8.1.2.v20120308)
- <
- * Connection #0 to host 127.0.0.1 left intact
- * Closing connection #0
- {"uri":"/1.0/kb/tenants/f07bc7d5-00e8-48bd-8b43-ef8537219171"}
-
-
-You can now access the API, e.g.:
-
- ~> curl -v http://127.0.0.1:8080/1.0/kb/tagDefinitions -H'X-Killbill-ApiKey: bob' -H'X-Killbill-ApiSecret: lazar'
+You can find the documentation [here](http://kill-bill.org).
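Review bot: deleting the whole "Setting up your own tenant" section leaves the README with no mention of authentication, in the same commit that ships an `admin`/`password` account. Keep a short paragraph that states the default credentials, that they must be changed, and the `killbill.security.shiroResourcePath` override, or link to the specific page on kill-bill.org that covers tenant setup and security rather than to the site root. If the removed walkthrough is being moved to the external docs, note that it said "400 error" while its own transcript shows `401 Unauthorized`, and that it used `bob`/`lazar` as an `apiSecret` example without saying it is a placeholder.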
server/src/main/resources/shiro.ini 24(+7 -17)
diff --git a/server/src/main/resources/shiro.ini b/server/src/main/resources/shiro.ini
index 61e61e4..a419d0a 100644
--- a/server/src/main/resources/shiro.ini
+++ b/server/src/main/resources/shiro.ini
@@ -18,22 +18,12 @@
# [main]
# See com.ning.billing.util.glue.KillBillShiroModule
+# Use -Dkillbill.server.rbac=false to disable RBAC
-# Example on how to define an admin user
-#
-# [users]
-# admin = password, root
-#
-# [roles]
-# root = *:*
+# Default admin user
+# Use -Dkillbill.security.shiroResourcePath=/var/tmp/shiro.ini to specify your own config
+[users]
+admin = password, root
-[urls]
-# All urls omitted will be available by anonymous users (RBAC disabled).
-# You need to enable auth at least for the security endpoint though, otherwise
-# Shiro won't try to look up the username/password (so, it won't be able
-# to return the correct permissions).
-/1.0/kb/security/** = authcBasic
-# RBAC disabled by default
-/** = anon
-# To enable RBAC
-# /1.0/kb/** = authcBasic
+[roles]
+root = *:*
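Review bot: `admin = password, root` together with `root = *:*` is now active in the bundled shiro.ini, so any deployment that does not pass `-Dkillbill.security.shiroResourcePath` runs with a publicly documented account that holds every permission. Prefer leaving the `[users]` and `[roles]` blocks commented out as they were and refusing to start (or at least logging a prominent warning) when no custom file is supplied, and avoid a plaintext password in a shipped resource. The hunk also removes the entire `[urls]` section, including `/1.0/kb/security/** = authcBasic`, with no replacement visible here; please confirm which filter chain now protects `/1.0/kb/**` (the header comment points at KillBillShiroModule) and say so in a comment, since the removed lines were the only place in this file that stated which paths require authentication.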