[jbossws-commits] JBossWS SVN: r6211 - stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/resources/jbossws-context.war/WEB-INF.

jbossws-commits at lists.jboss.org jbossws-commits at lists.jboss.org
Wed Apr 2 10:03:02 EDT 2008 

Author: darran.lofthouse at jboss.com
Date: 2008-04-02 10:03:02 -0400 (Wed, 02 Apr 2008)
New Revision: 6211

Modified:
   stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/resources/jbossws-context.war/WEB-INF/jboss-web.xml
   stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/resources/jbossws-context.war/WEB-INF/web.xml
Log:
[JBPAPP-732] Secure the jbossws web application.

Modified: stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/resources/jbossws-context.war/WEB-INF/jboss-web.xml
===================================================================
--- stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/resources/jbossws-context.war/WEB-INF/jboss-web.xml	2008-04-02 13:55:45 UTC (rev 6210)
+++ stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/resources/jbossws-context.war/WEB-INF/jboss-web.xml	2008-04-02 14:03:02 UTC (rev 6211)
@@ -6,9 +6,8 @@
 
 <jboss-web>
 
-  <!-- A security domain that restricts access
-  <security-domain>java:/jaas/JBossWS</security-domain>
-  -->
+  <!-- A security domain that restricts access -->
+  <security-domain>java:/jaas/jmx-console</security-domain>  
   
   <context-root>jbossws</context-root>
 

Modified: stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/resources/jbossws-context.war/WEB-INF/web.xml
===================================================================
--- stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/resources/jbossws-context.war/WEB-INF/web.xml	2008-04-02 13:55:45 UTC (rev 6210)
+++ stack/native/branches/jbossws-native-2.0.1.SP2_CP/src/main/resources/jbossws-context.war/WEB-INF/web.xml	2008-04-02 14:03:02 UTC (rev 6211)
@@ -34,22 +34,22 @@
     <url-pattern>/pclink</url-pattern>
   </servlet-mapping>
 
-   <!-- A security constraint that restricts access
+   <!-- A security constraint that restricts access -->
    <security-constraint>
      <web-resource-collection>
-       <web-resource-name>ContextServlet</web-resource-name>
-       <description>An example security config that only allows users with the
-         role 'friend' to access the JBossWS console web application
+       <web-resource-name>jbossws</web-resource-name>
+       <description>Security configuration that only allows users with the
+         role 'JBossAdmin' to access the JBossWS console web application
        </description>
        <url-pattern>/*</url-pattern>
        <http-method>GET</http-method>
        <http-method>POST</http-method>
      </web-resource-collection>
      <auth-constraint>
-       <role-name>friend</role-name>
+       <role-name>JBossAdmin</role-name>
      </auth-constraint>
    </security-constraint>
-   -->
+   
 
    <login-config>
       <auth-method>BASIC</auth-method>
@@ -57,7 +57,7 @@
    </login-config>
 
    <security-role>
-      <role-name>friend</role-name>
+      <role-name>JBossAdmin</role-name>
    </security-role>
   
   <!--

More information about the jbossws-commits mailing list