Uploaded image for project: 'Geronimo'
  1. Geronimo
  2. GERONIMO-676

Provide Default For EJB Web Service HTTP Basic Realm Name

    XMLWordPrintableJSON

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 1.0-M3
    • Fix Version/s: 1.0-M5
    • Component/s: webservices
    • Labels:
      None

      Description

      If you make a web service out of a Session Bean, the openejb-jar.xml web-service-security settings include:

      security realm name
      realm name
      transport guarantee
      auth method

      The "realm name" appears to be used in the challenge for HTTP Basic authentication, as in "Please provide username and password for 'foo'" where 'foo' is the realm name. Of course this is all automatic in web services, so the realm name is most likely irrelevant – the client computer will probably submit the same username and password to the server no matter what realm is used in the challenge. However, when configuring the web container for HTTP Basic auth, we need to provide a realm name.

      So the point of this issue is, let's default the realm name to "Geronimo Web Service" or some such, and make this element optional. Since it's likely useless, it would be ideal if the user only had to provide it if for some reason it was necessary in their scenario.

        Attachments

          Activity

            People

            • Assignee:
              djencks David Jencks
              Reporter:
              ammulder Aaron Mulder
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: