[jboss-cvs] JBossAS SVN: r92844 - branches/JBPAPP_5_0/build.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Wed Aug 26 16:17:17 EDT 2009
Author: smarlow at redhat.com
Date: 2009-08-26 16:17:16 -0400 (Wed, 26 Aug 2009)
New Revision: 92844
Modified:
branches/JBPAPP_5_0/build/jbossas-5-enableauth.patch
Log:
JBPAPP-2661 Unsecured HTTP invokers
Modified: branches/JBPAPP_5_0/build/jbossas-5-enableauth.patch
===================================================================
--- branches/JBPAPP_5_0/build/jbossas-5-enableauth.patch 2009-08-26 19:30:54 UTC (rev 92843)
+++ branches/JBPAPP_5_0/build/jbossas-5-enableauth.patch 2009-08-26 20:17:16 UTC (rev 92844)
@@ -701,3 +701,17 @@
<!--
A template configuration for the JBossWS security domain.
This defaults to the UsersRolesLoginModule the same as other and should be
+diff -Naur server/default/deploy/http-invoker.sar/invoker.war/WEB-INF/web.xml server/default/deploy/http-invoker.sar/invoker.war/WEB-INF/web.xml
+--- server/default/deploy/http-invoker.sar/invoker.war/WEB-INF/web.xml 2009-08-26 15:57:10.000000000 -0400
++++ server/default/deploy/http-invoker.sar/invoker.war/WEB-INF/web.xml 2009-08-26 16:01:09.000000000 -0400
+@@ -156,6 +156,9 @@
+ role HttpInvoker to access the HTTP invoker servlets
+ </description>
+ <url-pattern>/restricted/*</url-pattern>
++ <url-pattern>/JNDIFactory/*</url-pattern>
++ <url-pattern>/EJBInvokerServlet/*</url-pattern>
++ <url-pattern>/JMXInvokerServlet/*</url-pattern>
+ <http-method>GET</http-method>
+ <http-method>POST</http-method>
+ </web-resource-collection>
+
More information about the jboss-cvs-commits
mailing list