Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 3.1
    • Fix Version/s: 3.1.1
    • Component/s: webservices
    • Labels:
      None

      Description

      It does not appear to be possible to secure webservice endpoints at the moment, therefore EJB session beans exposed as webservices will not work if they use the @RolesAllowed annotation.

      It would be nice to pass the values specified in the <web-service-security> tag in openejb-jar.xml were passed through to Tomcat/OpenEJB HTTP container, and to potentially support WS-Security schemes as well.

      1. patch-openejb-1004.txt
        71 kB
        Jean-Louis MONTEIRO

        Activity

        Hide
        jlmonteiro Jean-Louis MONTEIRO added a comment -

        WS-Security integration proposal

        Show
        jlmonteiro Jean-Louis MONTEIRO added a comment - WS-Security integration proposal
        Hide
        dblevins David Blevins added a comment -

        Marked as completed by Jean-Louis as it appears the patch came from him.

        Show
        dblevins David Blevins added a comment - Marked as completed by Jean-Louis as it appears the patch came from him.
        Hide
        dblevins David Blevins added a comment -

        Looks like this one was committed in this revision:

        http://svn.apache.org/viewvc?rev=768087&view=rev

        Show
        dblevins David Blevins added a comment - Looks like this one was committed in this revision: http://svn.apache.org/viewvc?rev=768087&view=rev

          People

          • Assignee:
            jlmonteiro Jean-Louis MONTEIRO
            Reporter:
            jgallimore Jonathan Gallimore
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development