You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@tomee.apache.org by "Jean-Louis MONTEIRO (JIRA)" <ji...@apache.org> on 2009/04/22 16:28:48 UTC
[jira] Updated: (OPENEJB-1004) Web service endpoints not secured
[ https://issues.apache.org/jira/browse/OPENEJB-1004?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jean-Louis MONTEIRO updated OPENEJB-1004:
-----------------------------------------
Attachment: patch-openejb-1004.txt
WS-Security integration proposal
> Web service endpoints not secured
> ---------------------------------
>
> Key: OPENEJB-1004
> URL: https://issues.apache.org/jira/browse/OPENEJB-1004
> Project: OpenEJB
> Issue Type: Improvement
> Components: webservices
> Affects Versions: 3.1
> Reporter: Jonathan Gallimore
> Assignee: Jonathan Gallimore
> Attachments: patch-openejb-1004.txt
>
>
> It does not appear to be possible to secure webservice endpoints at the moment, therefore EJB session beans exposed as webservices will not work if they use the @RolesAllowed annotation.
> It would be nice to pass the values specified in the <web-service-security> tag in openejb-jar.xml were passed through to Tomcat/OpenEJB HTTP container, and to potentially support WS-Security schemes as well.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.