Author: darran.lofthouse(a)jboss.com
Date: 2008-04-02 12:43:00 -0400 (Wed, 02 Apr 2008)
New Revision: 6216
Modified:
legacy/branches/jbossws-1.2.1.GA_CP/integration-jboss42/src/resources/jbossws.war/WEB-INF/jboss-web.xml
legacy/branches/jbossws-1.2.1.GA_CP/integration-jboss42/src/resources/jbossws.war/WEB-INF/web.xml
Log:
[JBPAPP-733] Secure the jbossws web application.
Modified:
legacy/branches/jbossws-1.2.1.GA_CP/integration-jboss42/src/resources/jbossws.war/WEB-INF/jboss-web.xml
===================================================================
---
legacy/branches/jbossws-1.2.1.GA_CP/integration-jboss42/src/resources/jbossws.war/WEB-INF/jboss-web.xml 2008-04-02
16:31:42 UTC (rev 6215)
+++
legacy/branches/jbossws-1.2.1.GA_CP/integration-jboss42/src/resources/jbossws.war/WEB-INF/jboss-web.xml 2008-04-02
16:43:00 UTC (rev 6216)
@@ -5,10 +5,9 @@
"http://www.jboss.org/j2ee/dtd/jboss-web_3_2.dtd">
<jboss-web>
-
- <!--
- <security-domain>java:/jaas/jbossws</security-domain>
- -->
+
+ <security-domain>java:/jaas/jmx-console</security-domain>
+
<context-root>jbossws</context-root>
</jboss-web>
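Review bot: Pointing `<security-domain>` at `java:/jaas/jmx-console` makes the JBossWS console only as strong as the accounts configured for the JMX console's domain. The hunk also removes the commented-out dedicated `java:/jaas/jbossws` domain rather than enabling it, so the two consoles cannot be administered separately. If an installation still uses the stock users and roles files for that domain (not visible in this commit), any account shipped there with the `JBossAdmin` role will also open this application, so those entries should be replaced before the constraint is relied on. A comment above the element, such as `<!-- Shares the jmx-console JAAS domain; JBossAdmin users and roles are managed in that domain's configuration -->`, would make the coupling visible to whoever next changes either console's accounts.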
Modified:
legacy/branches/jbossws-1.2.1.GA_CP/integration-jboss42/src/resources/jbossws.war/WEB-INF/web.xml
===================================================================
---
legacy/branches/jbossws-1.2.1.GA_CP/integration-jboss42/src/resources/jbossws.war/WEB-INF/web.xml 2008-04-02
16:31:42 UTC (rev 6215)
+++
legacy/branches/jbossws-1.2.1.GA_CP/integration-jboss42/src/resources/jbossws.war/WEB-INF/web.xml 2008-04-02
16:43:00 UTC (rev 6216)
@@ -34,6 +34,32 @@
<url-pattern>/pclink</url-pattern>
</servlet-mapping>
+ <!-- A security constraint that restricts access -->
+ <security-constraint>
+ <web-resource-collection>
+ <web-resource-name>jbossws</web-resource-name>
+ <description>Security configuration that only allows users with the
+ role 'JBossAdmin' to access the JBossWS console web application
+ </description>
+ <url-pattern>/*</url-pattern>
+ <http-method>GET</http-method>
+ <http-method>POST</http-method>
+ </web-resource-collection>
+ <auth-constraint>
+ <role-name>JBossAdmin</role-name>
+ </auth-constraint>
+ </security-constraint>
+
+
+ <login-config>
+ <auth-method>BASIC</auth-method>
+ <realm-name>JBossWS Management Console</realm-name>
+ </login-config>
+
+ <security-role>
+ <role-name>JBossAdmin</role-name>
+ </security-role>
+
<!--
currently the W3C haven't settled on a media type for WSDL;
http://www.w3.org/TR/2003/WD-wsdl12-20030303/#ietf-draft
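Review bot: The `<http-method>GET</http-method>` and `<http-method>POST</http-method>` entries in the new `<web-resource-collection>` limit the constraint to those two methods. Under the servlet specification, a request to `/*` with any method not listed is therefore not covered by the `JBossAdmin` `<auth-constraint>`. Removing both `<http-method>` lines makes the constraint apply to every method, which matches what the `<description>` says is intended. Separately, BASIC sends the credentials with only base64 encoding on every request, and the constraint has no `<user-data-constraint>`. Adding `<transport-guarantee>CONFIDENTIAL</transport-guarantee>` inside one would keep them off plain HTTP, assuming the server has an HTTPS connector configured.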