[ http://issues.apache.org/jira/browse/GERONIMO-676?page=all ]
David Jencks updated GERONIMO-676:
----------------------------------
Fix Version: 1.0-M5
> Provide Default For EJB Web Service HTTP Basic Realm Name
> ---------------------------------------------------------
>
> Key: GERONIMO-676
> URL: http://issues.apache.org/jira/browse/GERONIMO-676
> Project: Geronimo
> Type: Improvement
> Components: webservices
> Versions: 1.0-M3
> Reporter: Aaron Mulder
> Assignee: David Jencks
> Fix For: 1.0-M5
>
> If you make a web service out of a Session Bean, the openejb-jar.xml
> web-service-security settings include:
> security realm name
> realm name
> transport guarantee
> auth method
> The "realm name" appears to be used in the challenge for HTTP Basic
> authentication, as in "Please provide username and password for 'foo'" where
> 'foo' is the realm name. Of course this is all automatic in web services, so
> the realm name is most likely irrelevant -- the client computer will probably
> submit the same username and password to the server no matter what realm is
> used in the challenge. However, when configuring the web container for HTTP
> Basic auth, we need to provide a realm name.
> So the point of this issue is, let's default the realm name to "Geronimo Web
> Service" or some such, and make this element optional. Since it's likely
> useless, it would be ideal if the user only had to provide it if for some
> reason it was necessary in their scenario.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
