gnodet wrote:
>
> This is not really documented. For the time being, you'll have to rely on
> the source code, but if you have any specific questions, feel free to ask.
>
A question:
As maybe you know you can get access to any jbi endpoint inside SM through
ANY http endpoint using WS-Addressing, not only to the endpoint for which
http endpoint is a proxy. This raises security issue because one would like
to restrict access only to proxied endpoint. Access to some service endpoint
in the middle of internal flow can be unwanted.
I thought that this can be done using certain roles for services but it
turned out that I'm getting an error "Endpoint is not authorized for this
user" on further services (after message was authorized and routed correctly
through the http proxy).
What is a right solution for the problem?
--
View this message in context:
http://www.nabble.com/JAAS-Support-tp5719650s12049p14668783.html
Sent from the ServiceMix - User mailing list archive at Nabble.com.
