[
https://issues.apache.org/jira/browse/OPENEJB-981?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12661182#action_12661182
]
Jarek Gawor commented on OPENEJB-981:
-------------------------------------
Because 1) you specify it as multiple elements (not a single one), for example:
<http-method>POST</http-method>
<http-method>GET</http-method>
instead of:
<http-methods>POST GET PUT</http-method>
and 2) it matches the name of the element in the web.xml schema (see
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd) which provides the same type
of functionality for servlets, jsps, etc.
> Specify a list of protected HTTP methods for secure web services
> ----------------------------------------------------------------
>
> Key: OPENEJB-981
> URL: https://issues.apache.org/jira/browse/OPENEJB-981
> Project: OpenEJB
> Issue Type: Improvement
> Components: configuration, deployment, integration, webservices
> Affects Versions: 3.1.1
> Reporter: Jarek Gawor
> Assignee: Jacek Laskowski
> Attachments: OPENEJB-981.patch
>
>
> For secure web services we would like to specify a list of HTTP methods that
> should be secured. For example, we would like to secure POST requests but
> leave GET requests unsecured (for WSDL access). See GERONIMO-4015 for a bit
> more info.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
