[
https://jira.jboss.org/jira/browse/JBWS-1967?page=com.atlassian.jira.plug...
]
Richard Opalka commented on JBWS-1967:
--------------------------------------
From JAX-WS specification:
5.2.3 Publishing Permission
For security reasons, administrators may want to restrict the ability of applications to
publish Web ser-
vice endpoints. To this end, JAX-WS 2.0 defines a new permission class,
javax.xml.ws.WebService-
Permission, and one named permission, publishEndpoint.
* Conformance (Checking publishEndpoint Permission): When any of the publish methods
defined
by the Endpoint class are invoked, an implementation MUST check whether a SecurityManager
is
installed with the application. If it is, implementations MUST verify that the application
has the Web-
ServicePermission identified by the target name publishEndpoint before proceeding. If the
per-
mission is not granted, implementations MUST NOT publish the endpoint and they MUST throw
a java-
.lang.SecurityException.
Implement in memory webapp deployment
-------------------------------------
Key: JBWS-1967
URL:
https://jira.jboss.org/jira/browse/JBWS-1967
Project: JBoss Web Services
Issue Type: Task
Security Level: Public(Everyone can see)
Components: jbossws-native
Reporter: Heiko Braun
Assignee: Richard Opalka
Fix For: jbossws-native-3.0.6
Scott wrote:
The tomcat layer is being driven by the WebMetaData/JBossWebMetaData now, so any
modification by the ws deployers should be done as input into a deployer like
MergedJBossMetaDataDeployer does for the ejb metadata. I'd like to get this cleaned up
for jbossas 5.0.0.CR1 when the war deployer is cleaned up.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira