Author: jim.ma
Date: 2010-05-19 05:38:30 -0400 (Wed, 19 May 2010)
New Revision: 12268
Modified:
stack/cxf/trunk/modules/management/src/main/webapp/WEB-INF/web.xml
Log:
[JBWS-3032]:activated authentication for all HTTP verbs
Modified: stack/cxf/trunk/modules/management/src/main/webapp/WEB-INF/web.xml
===================================================================
--- stack/cxf/trunk/modules/management/src/main/webapp/WEB-INF/web.xml 2010-05-19 09:32:33
UTC (rev 12267)
+++ stack/cxf/trunk/modules/management/src/main/webapp/WEB-INF/web.xml 2010-05-19 09:38:30
UTC (rev 12268)
@@ -22,6 +22,30 @@
<url-pattern>/services/*</url-pattern>
</servlet-mapping>
+ <!-- A security constraint that restricts access
+ <security-constraint>
+ <web-resource-collection>
+ <web-resource-name>ContextServlet</web-resource-name>
+ <description>An example security config that only allows users with the
+ role 'friend' to access the JBossWS console web application
+ </description>
+ <url-pattern>/*</url-pattern>
+ </web-resource-collection>
+ <auth-constraint>
+ <role-name>friend</role-name>
+ </auth-constraint>
+ </security-constraint>
+ -->
+
+ <login-config>
+ <auth-method>BASIC</auth-method>
+ <realm-name>JBossWS Management Console</realm-name>
+ </login-config>
+
+ <security-role>
+ <role-name>friend</role-name>
+ </security-role>
+
<!--
currently the W3C haven't settled on a media type for WSDL;
http://www.w3.org/TR/2003/WD-wsdl12-20030303/#ietf-draft