how to deploy rules on kie server based on user permission

Question

Only users with certain permissions should be able to deploy to kie server others should not.

How to implement an interceptor on the kie server ie the kieserver should throw an error if the user does not have certain permissions

Answer 1

To achieve this you have to define permissions of certain REST API in web.xml file of kie-server.war file. with below configuration user with 'deployer' role can only perform 'PUT/POST' operation on '/services/rest/server/containers/' REST endpoint.

<security-constraint>
    <web-resource-collection>
        <web-resource-name>REST web resources</web-resource-name>
        <url-pattern>/services/rest/server/containers/*</url-pattern>
        <http-method>POST</http-method>
        <http-method>PUT</http-method>
    </web-resource-collection>
    <auth-constraint>
        <role-name>deployer</role-name>
    </auth-constraint>
</security-constraint>
<security-role>
    <role-name>deployer</role-name>
</security-role>