DX NetOps

Is there a way to disable access to the REST interface on a specific OneClick?

We have a set of OneClick servers that are dedicated to REST access.  People are supposed to use those for submitting their REST queries.  However, our community has discovered that all OneClicks support these calls, so we are seeing them submit their REST queries against our OneClick servers that are supposed to be for general user access (WebClient/OneClick).  I suspect we also have some that are hitting our SRM servers as well.  I would like to be able to disable REST on the WebClient/OneClick/SRM servers or limit the accounts that can submit REST calls on those systems.

Is there a way to restrict access on specific servers?

Hey Bill,

I would simply disable REST on those servers entirely:

To disable the RESTful url you can delete the

\tomcat\lib\spectrumrest.jar.  

It would also be a good idea to modify the web.xml to remove the servlet definitions

<servlet>

    <servlet-name>ApacheCXF JAX-RS</servlet-name>

    <servlet-class>

      com.ca.spectrum.restful.servlet.framework.CXFNonSpringJaxrsServlet

    </servlet-class>

    <init-param>

      <param-name>jaxrs.serviceClasses</param-name>

      <param-value>

        com.ca.spectrum.restful.servlet.ActionServlet

        com.ca.spectrum.restful.servlet.AlarmServlet

        com.ca.spectrum.restful.servlet.AssociationServlet

        com.ca.spectrum.restful.servlet.DeviceServlet

        com.ca.spectrum.restful.servlet.LandscapeServlet

        com.ca.spectrum.restful.servlet.ModelServlet

        com.ca.spectrum.restful.servlet.ModelsServlet

        com.ca.spectrum.restful.servlet.SubscriptionServlet

        com.ca.spectrum.restful.servlet.AttributeServlet

        com.ca.spectrum.restful.servlet.TestNotificationServlet

        com.ca.spectrum.restful.servlet.ConnectivityServlet

        com.ca.spectrum.restful.servlet.EventServlet

      </param-value>

    </init-param>

    <load-on-startup>100</load-on-startup>

  </servlet>

  <servlet>

    <servlet-name>RESTful Web Services registration servlet</servlet-name>

    <servlet-class>

      com.aprisma.spectrum.app.web.servlet.RegistrationServlet

    </servlet-class>

    <init-param>

      <param-name>com.aprisma.spectrum.debug.modules</param-name>

      <param-value>

        RESTfulWebServices@RESTFULWEBSERVICES@RESTful Web Services@off;

      </param-value>

    </init-param>

    <load-on-startup>2</load-on-startup>

  </servlet>

Hope that helps.  I am not aware of anyway to restrict it other than disable it.

Though there may be a way to do it.

Thank you.  This is perfect.  For our situation, we would want to disable the REST on those systems where we want to restrict it's usage.  This fits our need perfectly.

Awesome!

It was after I started chatting with Roger that I realized why you guys had asked…makes sense!  

Happy Holidays Bill!