[jboss-cvs] JBossAS SVN: r109161 - in branches/JBPAPP_4_2_0_GA_CP: testsuite/src/resources/test-configs/cc/deploy/management/console-mgr.sar/web-console.war/WEB-INF and 1 other directory.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Fri Nov 5 10:00:45 EDT 2010
Author: mbenitez
Date: 2010-11-05 10:00:45 -0400 (Fri, 05 Nov 2010)
New Revision: 109161
Modified:
branches/JBPAPP_4_2_0_GA_CP/ejb3/src/resources/test-configs/cc/deploy/management/console-mgr.sar/web-console.war/WEB-INF/web.xml
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/management/console-mgr.sar/web-console.war/WEB-INF/web.xml
Log:
JBPAPP-5322 web-console authentication bypass (synchronize wem.xml files in console, ejb3 and testsuite)
Modified: branches/JBPAPP_4_2_0_GA_CP/ejb3/src/resources/test-configs/cc/deploy/management/console-mgr.sar/web-console.war/WEB-INF/web.xml
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/ejb3/src/resources/test-configs/cc/deploy/management/console-mgr.sar/web-console.war/WEB-INF/web.xml 2010-11-05 14:00:36 UTC (rev 109160)
+++ branches/JBPAPP_4_2_0_GA_CP/ejb3/src/resources/test-configs/cc/deploy/management/console-mgr.sar/web-console.war/WEB-INF/web.xml 2010-11-05 14:00:45 UTC (rev 109161)
@@ -338,7 +338,12 @@
<!-- A security constraint that restricts access to the HTML JMX console
to users with the role JBossAdmin. Edit the roles to what you want and
uncomment the WEB-INF/jboss-web.xml/security-domain element to enable
+ at SECURECONF
secured access to the HTML JMX console. -->
+ at ENDSECURECONF
+ at UNSECCONF
+ secured access to the HTML JMX console.
+ at ENDUNSECCONF
<security-constraint>
<web-resource-collection>
@@ -347,13 +352,14 @@
role JBossAdmin to access the HTML JMX console web application
</description>
<url-pattern>/*</url-pattern>
- <http-method>GET</http-method>
- <http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>JBossAdmin</role-name>
</auth-constraint>
</security-constraint>
+ at UNSECCONF
+ -->
+ at ENDUNSECCONF
<login-config>
<auth-method>BASIC</auth-method>
Modified: branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/management/console-mgr.sar/web-console.war/WEB-INF/web.xml
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/management/console-mgr.sar/web-console.war/WEB-INF/web.xml 2010-11-05 14:00:36 UTC (rev 109160)
+++ branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/management/console-mgr.sar/web-console.war/WEB-INF/web.xml 2010-11-05 14:00:45 UTC (rev 109161)
@@ -338,7 +338,12 @@
<!-- A security constraint that restricts access to the HTML JMX console
to users with the role JBossAdmin. Edit the roles to what you want and
uncomment the WEB-INF/jboss-web.xml/security-domain element to enable
+ at SECURECONF
secured access to the HTML JMX console. -->
+ at ENDSECURECONF
+ at UNSECCONF
+ secured access to the HTML JMX console.
+ at ENDUNSECCONF
<security-constraint>
<web-resource-collection>
@@ -347,13 +352,14 @@
role JBossAdmin to access the HTML JMX console web application
</description>
<url-pattern>/*</url-pattern>
- <http-method>GET</http-method>
- <http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>JBossAdmin</role-name>
</auth-constraint>
</security-constraint>
+ at UNSECCONF
+ -->
+ at ENDUNSECCONF
<login-config>
<auth-method>BASIC</auth-method>
More information about the jboss-cvs-commits
mailing list