Uploaded image for project: 'Geronimo'
  1. Geronimo
  2. GERONIMO-676

Provide Default For EJB Web Service HTTP Basic Realm Name

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 1.0-M3
    • 1.0-M5
    • webservices
    • None

    Description

      If you make a web service out of a Session Bean, the openejb-jar.xml web-service-security settings include:

      security realm name
      realm name
      transport guarantee
      auth method

      The "realm name" appears to be used in the challenge for HTTP Basic authentication, as in "Please provide username and password for 'foo'" where 'foo' is the realm name. Of course this is all automatic in web services, so the realm name is most likely irrelevant – the client computer will probably submit the same username and password to the server no matter what realm is used in the challenge. However, when configuring the web container for HTTP Basic auth, we need to provide a realm name.

      So the point of this issue is, let's default the realm name to "Geronimo Web Service" or some such, and make this element optional. Since it's likely useless, it would be ideal if the user only had to provide it if for some reason it was necessary in their scenario.

      Attachments

        Activity

          People

            djencks David Jencks
            ammulder Aaron Mulder
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: