[
https://issues.apache.org/jira/browse/OPENEJB-1004?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jean-Louis MONTEIRO updated OPENEJB-1004:
-----------------------------------------
Attachment: patch-openejb-1004.txt
WS-Security integration proposal
> Web service endpoints not secured
> ---------------------------------
>
> Key: OPENEJB-1004
> URL: https://issues.apache.org/jira/browse/OPENEJB-1004
> Project: OpenEJB
> Issue Type: Improvement
> Components: webservices
> Affects Versions: 3.1
> Reporter: Jonathan Gallimore
> Assignee: Jonathan Gallimore
> Attachments: patch-openejb-1004.txt
>
>
> It does not appear to be possible to secure webservice endpoints at the
> moment, therefore EJB session beans exposed as webservices will not work if
> they use the @RolesAllowed annotation.
> It would be nice to pass the values specified in the <web-service-security>
> tag in openejb-jar.xml were passed through to Tomcat/OpenEJB HTTP container,
> and to potentially support WS-Security schemes as well.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
