Kim, As of JBoss3.2Beta, there is a single location left to configure the "general security" of the transport servlet which is jboss-net.sar/jboss-net.war/META-INF/*.xml ... You specify your authorization constraints (currently commented out) in the web app descriptor and you specifiy the security manager against which to run authentication/authorization in the jboss-specific descriptor. It may be wise to define seperate roles for accessing the administration and the transport servlet.
If you want a more fine-grained access that is distinguished along the web service instances itself and does not hold for all of them at once, you should use the JBossAuthentication and JBossAuthorizationHandlers of the jboss.net implementation in your request/response chains. Best, CGJ -----Urspr�ngliche Nachricht----- Von: Kim, Yong [mailto:[EMAIL PROTECTED]] Gesendet: Dienstag, 17. September 2002 20:59 An: '[EMAIL PROTECTED]' Betreff: [JBoss-user] Enabling security for jboss.net I found a link on jboss.org forum regarding enabling security for jboss.net web services... According to the thread, there are 3 places that need to be changed to enable security for web services (to utilize the different security domain... other than "other")... I guess that thread is old and I am curious if there is any better way of doing this? Basically, I want to authenticate web service users to provide username and password... Can anyone tell me where I can find out step-by-step procedure? Mitchell ------------------------------------------------------- This SF.NET email is sponsored by: AMD - Your access to the experts on Hammer Technology! Open Source & Linux Developers, register now for the AMD Developer Symposium. Code: EX8664 http://www.developwithamd.com/developerlab _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user ########################################### This message has been scanned by F-Secure Anti-Virus for Microsoft Exchange. For more information, connect to http://www.F-Secure.com/ ------------------------------------------------------- This SF.NET email is sponsored by: AMD - Your access to the experts on Hammer Technology! Open Source & Linux Developers, register now for the AMD Developer Symposium. Code: EX8664 http://www.developwithamd.com/developerlab _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
