etc axis-config.xml auth.conf

Dr. Christoph Georg Jung Fri, 15 Mar 2002 01:53:50 -0800

  User: cgjung  
  Date: 02/03/15 02:04:24

  Modified:    jboss.net/src/etc axis-config.xml
  Removed:     jboss.net/src/etc auth.conf
  Log:
  security for jboss.net has finally arrived (although the corresponding testcases 
still need
  to be checked-in).
  
  Revision  Changes    Path
  1.4       +24 -1     contrib/jboss.net/src/etc/axis-config.xml
  
  Index: axis-config.xml
  ===================================================================
  RCS file: /cvsroot/jboss/contrib/jboss.net/src/etc/axis-config.xml,v
  retrieving revision 1.3
  retrieving revision 1.4
  diff -u -r1.3 -r1.4
  --- axis-config.xml   12 Mar 2002 11:04:45 -0000      1.3
  +++ axis-config.xml   15 Mar 2002 10:04:24 -0000      1.4
  @@ -12,24 +12,47 @@
   
     <!-- url-to-service mapping should be enabled for every incoming http traffic -->
     <transport name="http">
  +
  +        <!-- handlers invoked immediately after an incoming http request -->
        <requestFlow>
  +             <!-- in case that a SOAPAction header is used by the request -->
                   <handler 
type="java:org.apache.axis.handlers.http.HTTPActionHandler"/>
  +
  +                <!-- maps url-suffixes to service names -->
                <handler type="java:org.apache.axis.handlers.http.URLMapper"/>
  +
  +             <!-- http basic authentication is mapped to the axis message context 
-->
                   <handler type="java:org.apache.axis.handlers.http.HTTPAuthHandler"/>
  +
  +             <!-- move to the right apartment inside the jboss container -->
                <handler type="java:org.jboss.net.axis.SetClassLoaderHandler"/>
  +
  +                <!-- authenticates the user agains the jaas:/other security domain 
-->
  +             <handler 
type="java:org.jboss.net.axis.server.JBossAuthenticationHandler">
  +               <parameter name="securityDomain" value="java:/jaas/other"/>
  +                </handler>
  +
        </requestFlow>
  +
  +        <!-- handlers invoked after successful execution of the service -->
           <responseFlow>
  +                <!-- reset the classloader association -->
                <handler type="java:org.jboss.net.axis.ResetClassLoaderHandler"/>
           </responseFlow>
     </transport>
   
  -  <!-- The exposed admin service -->
  +  <!-- The exposed admin service is protected with a jboss-specific role -->
     <service name="Administration" provider="java:MSG">
      <parameter name="className" value="org.apache.axis.utils.Admin"/>
      <parameter name="isStatic" value="true"/>
      <parameter name="methodName" value="AdminService"/>
      <parameter name="allowedMethods" value="AdminService"/>
      <parameter name="enableRemoteAdmin" value="false"/>
  +   <!-- authorization runs agains the jaas:/other domain -->
  +   <handler type="java:org.jboss.net.axis.server.JBossAuthorizationHandler">
  +        <parameter name="securityDomain" value="java:/jass/other"/>
  +     <parameter name="allowedRoles" value="org.jboss.net.Administrator"/>
  +   </handler>
     </service>
   
   </deployment>


_______________________________________________
Jboss-development mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-development

[JBoss-dev] CVS update: contrib/jboss.net/src/etc axis-config.xml auth.conf

Reply via email to