You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomee.apache.org by Jean-Louis MONTEIRO <je...@atosorigin.com> on 2010/02/25 12:15:02 UTC
openejb-jar.xml: version 3 vs 2 !
Hey,
I'd like to get your opinion regarding openejb-jar.xml descriptor.
I need to change the JNDI pattern as explained here
http://openejb.apache.org/3.0/jndi-names.html
http://openejb.apache.org/3.0/jndi-names.html .
So, i created a new file openejb-jar.xml containing:
<openejb-jar>
<properties>
openejb.jndiname.format = <my pattern>
</properties>
</openejb-jar>
It works like a charm :)
Now, in the same module, i need to activate WS-Security like explained here
http://openejb.apache.org/securing-a-web-service.html
http://openejb.apache.org/securing-a-web-service.html .
<openejb-jar xmlns="http://openejb.apache.org/xml/ns/openejb-jar-2.2">
<enterprise-beans>
...
<session>
<ejb-name>CalculatorImpl</ejb-name>
<web-service-security>
<security-realm-name/>
<transport-guarantee>NONE</transport-guarantee>
<auth-method>WS-SECURITY</auth-method>
<properties>
wss4j.in.action = UsernameToken
wss4j.in.passwordType = PasswordDigest
wss4j.in.passwordCallbackClass=org.superbiz.calculator.CustomPasswordHandler
</properties>
</web-service-security>
</session>
...
</enterprise-beans>
</openejb-jar>
It works like a charm too ;-)
Actually, if i need to activate WS-Security and I need to customize the JNDI
template in the same module i can't.
Basically, to customize JNDI template, i need to create an oepnejb-jar.xml
file version 3!
The ws-security feature is available in the version 2!
I dug into the ReadDescriptors class. I seems like we first try to load a
version 3, and as a fallback option, we try to load the version 2!
IMHO, we could use namespace to mix information from different version.
Any thoughts?
JLouis
--
View this message in context: http://n4.nabble.com/openejb-jar-xml-version-3-vs-2-tp1568849p1568849.html
Sent from the OpenEJB Dev mailing list archive at Nabble.com.
Re: openejb-jar.xml: version 3 vs 2 !
Posted by Jean-Louis MONTEIRO <je...@atosorigin.com>.
David,
I did a bit of refactoring to enable ws-security properties in the openejb
descriptor v3.
More over, the OpenEjb2Conversion now supports ws-security configuration.
Can you have a look to the revision 919019?
Some security properties are quite long and i'd like to know if you prefer a
new tag instead of properties.
Jean-Louis
--
View this message in context: http://n4.nabble.com/openejb-jar-xml-version-3-vs-2-tp1568849p1578264.html
Sent from the OpenEJB Dev mailing list archive at Nabble.com.
Re: openejb-jar.xml: version 3 vs 2 !
Posted by David Blevins <da...@visi.com>.
On Feb 25, 2010, at 3:15 AM, Jean-Louis MONTEIRO wrote:
>
> Hey,
>
> I'd like to get your opinion regarding openejb-jar.xml descriptor.
> I need to change the JNDI pattern as explained here
> http://openejb.apache.org/3.0/jndi-names.html
> http://openejb.apache.org/3.0/jndi-names.html .
> So, i created a new file openejb-jar.xml containing:
> <openejb-jar>
> <properties>
> openejb.jndiname.format = <my pattern>
> </properties>
> </openejb-jar>
FYI, I added that element to the v2 (geronimo-specific) descriptor as
well.
> Now, in the same module, i need to activate WS-Security like
> explained here
> http://openejb.apache.org/securing-a-web-service.html
> http://openejb.apache.org/securing-a-web-service.html .
>
> <openejb-jar xmlns="http://openejb.apache.org/xml/ns/openejb-jar-2.2">
> <enterprise-beans>
> ...
> <session>
> <ejb-name>CalculatorImpl</ejb-name>
> <web-service-security>
> <security-realm-name/>
> <transport-guarantee>NONE</transport-guarantee>
> <auth-method>WS-SECURITY</auth-method>
> <properties>
> wss4j.in.action = UsernameToken
> wss4j.in.passwordType = PasswordDigest
>
> wss4j
> .in
> .passwordCallbackClass=org.superbiz.calculator.CustomPasswordHandler
> </properties>
> </web-service-security>
> </session>
> ...
> </enterprise-beans>
> </openejb-jar>
>
> It works like a charm too ;-)
>
I'm curious how that works for OpenEJB without Geronimo. I don't
think it does even with a v2 descriptor. We probably have more work
to get this stuff configured in OpenEJB standalone/embedded/tomcat
scenarios. Do you know what we're missing on that front? If the ws
security stuff could all be plain properties, we could put them in the
new <properties> element that is now in both the v2 and v3 descriptors
-David