Upon further reviewing the JBoss Wiki, I was able to confirm that the jboss-web.xml file
belongs in the WEB-INF directory. I've removed the redundant copies from the file.
It occured to me that I should mention that I am NOT trying to secure any EJB's,
jsp's, or html's, but rather, just one method, called processMessage, that is
offered up through the web service available at the url which conforms to the form
/CPWebService by use of JBossWS. Much of the documentation I've found takes steps
towards securing ejb's, and has thus seemed to trail off just when I need it most.
Hopefully this will provide the qualified reader a crucial clue. I haven't been able
to find anyone suggesting a way so specifically secure web method(s). Perhaps I am
attempting the impossible? I suspect not, but rather that I have just not been able to
unearch the appropriate hint.
Also, I'm not sure why the forum omitted portions of my log4j.xml code snippet, but
I'm confident that's correct. I obtained it from Q4 of the JBoss FAQ that is VERY
frequently pointed to in this particular branch of the forums.
Thanks for your consideration of this bump in my road.
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3984908#...
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...